Yufan You discovered that Libreoffice’s handling of documents based on ZIP archives was suspectible to spoofing attacks when the repair mode attempts to address a malformed archive structure.
Comment
Archive for September 17th, 2024
3 results.
Fabien Potencier discovered that under some conditions the sandbox mechanism of Twig, a template engine for PHP, could by bypassed. For the stable distribution (bookworm), this problem has been fixed in
Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code.