VYPR

rpm package

suse/liblouis&distro=SUSE Linux Enterprise Module for Desktop Applications 15

pkg:rpm/suse/liblouis&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015

Vulnerabilities (8)

  • CVE-2018-17294MedSep 21, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionarie

  • CVE-2018-12085HigJun 9, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.

  • CVE-2018-11685HigJun 4, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.

  • CVE-2018-11684HigJun 4, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.

  • CVE-2018-11683HigJun 4, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.

  • CVE-2018-11577HigMay 31, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.

  • CVE-2018-11440HigMay 25, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.

  • CVE-2018-11410CriMay 24, 2018
    affected < 3.3.0-4.5.1fixed 3.3.0-4.5.1

    An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.