rpm package
opensuse/poco&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/poco&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-6375 | Low | 3.3 | < 1.14.2-1.1 | 1.14.2-1.1 | Jun 21, 2025 | A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. Th | |
| CVE-2023-52389 | — | < 1.14.2-1.1 | 1.14.2-1.1 | Jan 27, 2024 | UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. Th |
- affected < 1.14.2-1.1fixed 1.14.2-1.1
A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. Th
- CVE-2023-52389Jan 27, 2024affected < 1.14.2-1.1fixed 1.14.2-1.1
UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative integer if a UTF-32 byte sequence evaluates to a value of 0x80000000 or higher. Th