rpm package
opensuse/sane-backends&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/sane-backends&distro=openSUSE%20Leap%2015.2
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12866 | Med | 5.7 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 24, 2020 | A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. | |
| CVE-2020-12865 | Hig | 8.0 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 24, 2020 | A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. | |
| CVE-2020-12864 | Med | 4.3 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 24, 2020 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. | |
| CVE-2020-12863 | Med | 4.3 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 24, 2020 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. | |
| CVE-2020-12862 | Med | 4.3 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 24, 2020 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. | |
| CVE-2020-12861 | Hig | 8.8 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 24, 2020 | A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. | |
| CVE-2020-12867 | Med | 5.5 | < 1.0.31-lp152.7.3.1 | 1.0.31-lp152.7.3.1 | Jun 1, 2020 | A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. |
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
- affected < 1.0.31-lp152.7.3.1fixed 1.0.31-lp152.7.3.1
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.