csaf_opensuse - opensuse-su-2021:0459-1

opensuse-su-2021:0459-1

Vulnerability from csaf_opensuse

Published

2021-03-21 23:09

Modified

2021-03-21 23:09

Summary

Security update for libmysofa

Notes

Title of the patch

Security update for libmysofa

Description of the patch

This update for libmysofa fixes the following issues: - Added security backports: gh#hoene/libmysofa#136 - CVE-2020-36152 - boo#1181977 gh#hoene/libmysofa#138 - CVE-2020-36148 - boo#1181981 gh#hoene/libmysofa#137 - CVE-2020-36149 - boo#1181980 gh#hoene/libmysofa#134 - CVE-2020-36151 - boo#1181978 gh#hoene/libmysofa#135 - CVE-2020-36150 - boo#1181979 gh#hoene/libmysofa#96 - CVE-2020-6860 - boo#1182883 Update to version 0.9.1 * Extended angular neighbor search to 'close the sphere' * Added and exposed mysofa_getfilter_float_nointerp method * Fixed various security issues CVE-2019-16091 - boo#1149919 CVE-2019-16092 - boo#1149920 CVE-2019-16093 - boo#1149922 CVE-2019-16094 - boo#1149924 CVE-2019-16095 - boo#1149926 CVE-2019-20016 - boo#1159839 CVE-2019-20063 - boo#1160040 This update was imported from the openSUSE:Leap:15.2:Update update project.

Patchnames

openSUSE-2021-459

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for libmysofa",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for libmysofa fixes the following issues:\n\n- Added security backports:\n    gh#hoene/libmysofa#136 - CVE-2020-36152 - boo#1181977\n    gh#hoene/libmysofa#138 - CVE-2020-36148 - boo#1181981\n    gh#hoene/libmysofa#137 - CVE-2020-36149 - boo#1181980\n    gh#hoene/libmysofa#134 - CVE-2020-36151 - boo#1181978\n    gh#hoene/libmysofa#135 - CVE-2020-36150 - boo#1181979\n    gh#hoene/libmysofa#96 - CVE-2020-6860 - boo#1182883\n\nUpdate to version 0.9.1\n\n  * Extended angular neighbor search to \u0027close the sphere\u0027\n  * Added and exposed mysofa_getfilter_float_nointerp method\n  * Fixed various security issues\n    CVE-2019-16091 - boo#1149919\n    CVE-2019-16092 - boo#1149920\n    CVE-2019-16093 - boo#1149922\n    CVE-2019-16094 - boo#1149924\n    CVE-2019-16095 - boo#1149926\n    CVE-2019-20016 - boo#1159839\n    CVE-2019-20063 - boo#1160040\n\nThis update was imported from the openSUSE:Leap:15.2:Update update project.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2021-459",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_0459-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2021:0459-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MN6725XH7QNBYEUP2ZXR5TYK6FD6RGXR/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2021:0459-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MN6725XH7QNBYEUP2ZXR5TYK6FD6RGXR/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1149919",
        "url": "https://bugzilla.suse.com/1149919"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1149920",
        "url": "https://bugzilla.suse.com/1149920"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1149922",
        "url": "https://bugzilla.suse.com/1149922"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1149924",
        "url": "https://bugzilla.suse.com/1149924"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1149926",
        "url": "https://bugzilla.suse.com/1149926"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1159839",
        "url": "https://bugzilla.suse.com/1159839"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1160040",
        "url": "https://bugzilla.suse.com/1160040"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181977",
        "url": "https://bugzilla.suse.com/1181977"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181978",
        "url": "https://bugzilla.suse.com/1181978"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181979",
        "url": "https://bugzilla.suse.com/1181979"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181980",
        "url": "https://bugzilla.suse.com/1181980"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1181981",
        "url": "https://bugzilla.suse.com/1181981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1182883",
        "url": "https://bugzilla.suse.com/1182883"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-16091 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-16091/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-16092 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-16092/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-16093 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-16093/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-16094 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-16094/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-16095 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-16095/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20016 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20016/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-20063 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-20063/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-36148 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-36148/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-36149 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-36149/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-36150 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-36150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-36151 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-36151/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-36152 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-36152/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-6860 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-6860/"
      }
    ],
    "title": "Security update for libmysofa",
    "tracking": {
      "current_release_date": "2021-03-21T23:09:29Z",
      "generator": {
        "date": "2021-03-21T23:09:29Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2021:0459-1",
      "initial_release_date": "2021-03-21T23:09:29Z",
      "revision_history": [
        {
          "date": "2021-03-21T23:09:29Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
                "product": {
                  "name": "libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
                  "product_id": "libmysofa-devel-0.9.1-bp152.4.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libmysofa0-0.9.1-bp152.4.3.1.aarch64",
                "product": {
                  "name": "libmysofa0-0.9.1-bp152.4.3.1.aarch64",
                  "product_id": "libmysofa0-0.9.1-bp152.4.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32",
                "product": {
                  "name": "libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32",
                  "product_id": "libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
                "product": {
                  "name": "libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
                  "product_id": "libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
                "product": {
                  "name": "libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
                  "product_id": "libmysofa0-0.9.1-bp152.4.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
                "product": {
                  "name": "libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
                  "product_id": "libmysofa-devel-0.9.1-bp152.4.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libmysofa0-0.9.1-bp152.4.3.1.s390x",
                "product": {
                  "name": "libmysofa0-0.9.1-bp152.4.3.1.s390x",
                  "product_id": "libmysofa0-0.9.1-bp152.4.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
                "product": {
                  "name": "libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
                  "product_id": "libmysofa-devel-0.9.1-bp152.4.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libmysofa0-0.9.1-bp152.4.3.1.x86_64",
                "product": {
                  "name": "libmysofa0-0.9.1-bp152.4.3.1.x86_64",
                  "product_id": "libmysofa0-0.9.1-bp152.4.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP2",
                "product": {
                  "name": "SUSE Package Hub 15 SP2",
                  "product_id": "SUSE Package Hub 15 SP2"
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa-devel-0.9.1-bp152.4.3.1.aarch64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64"
        },
        "product_reference": "libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le"
        },
        "product_reference": "libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa-devel-0.9.1-bp152.4.3.1.s390x as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x"
        },
        "product_reference": "libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa-devel-0.9.1-bp152.4.3.1.x86_64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64"
        },
        "product_reference": "libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa0-0.9.1-bp152.4.3.1.aarch64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64"
        },
        "product_reference": "libmysofa0-0.9.1-bp152.4.3.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa0-0.9.1-bp152.4.3.1.ppc64le as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le"
        },
        "product_reference": "libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa0-0.9.1-bp152.4.3.1.s390x as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x"
        },
        "product_reference": "libmysofa0-0.9.1-bp152.4.3.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa0-0.9.1-bp152.4.3.1.x86_64 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64"
        },
        "product_reference": "libmysofa0-0.9.1-bp152.4.3.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32 as component of SUSE Package Hub 15 SP2",
          "product_id": "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        },
        "product_reference": "libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32",
        "relates_to_product_reference": "SUSE Package Hub 15 SP2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-16091",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-16091"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-16091",
          "url": "https://www.suse.com/security/cve/CVE-2019-16091"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149919 for CVE-2019-16091",
          "url": "https://bugzilla.suse.com/1149919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-16091"
    },
    {
      "cve": "CVE-2019-16092",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-16092"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-16092",
          "url": "https://www.suse.com/security/cve/CVE-2019-16092"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149920 for CVE-2019-16092",
          "url": "https://bugzilla.suse.com/1149920"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2019-16092"
    },
    {
      "cve": "CVE-2019-16093",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-16093"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-16093",
          "url": "https://www.suse.com/security/cve/CVE-2019-16093"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149922 for CVE-2019-16093",
          "url": "https://bugzilla.suse.com/1149922"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2019-16093"
    },
    {
      "cve": "CVE-2019-16094",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-16094"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-16094",
          "url": "https://www.suse.com/security/cve/CVE-2019-16094"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149924 for CVE-2019-16094",
          "url": "https://bugzilla.suse.com/1149924"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-16094"
    },
    {
      "cve": "CVE-2019-16095",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-16095"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-16095",
          "url": "https://www.suse.com/security/cve/CVE-2019-16095"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149926 for CVE-2019-16095",
          "url": "https://bugzilla.suse.com/1149926"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-16095"
    },
    {
      "cve": "CVE-2019-20016",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20016"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20016",
          "url": "https://www.suse.com/security/cve/CVE-2019-20016"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1159839 for CVE-2019-20016",
          "url": "https://bugzilla.suse.com/1159839"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-20016"
    },
    {
      "cve": "CVE-2019-20063",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-20063"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-20063",
          "url": "https://www.suse.com/security/cve/CVE-2019-20063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1160040 for CVE-2019-20063",
          "url": "https://bugzilla.suse.com/1160040"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-20063"
    },
    {
      "cve": "CVE-2020-36148",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-36148"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-36148",
          "url": "https://www.suse.com/security/cve/CVE-2020-36148"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181981 for CVE-2020-36148",
          "url": "https://bugzilla.suse.com/1181981"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-36148"
    },
    {
      "cve": "CVE-2020-36149",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-36149"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-36149",
          "url": "https://www.suse.com/security/cve/CVE-2020-36149"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181980 for CVE-2020-36149",
          "url": "https://bugzilla.suse.com/1181980"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-36149"
    },
    {
      "cve": "CVE-2020-36150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-36150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-36150",
          "url": "https://www.suse.com/security/cve/CVE-2020-36150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181979 for CVE-2020-36150",
          "url": "https://bugzilla.suse.com/1181979"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-36150"
    },
    {
      "cve": "CVE-2020-36151",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-36151"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-36151",
          "url": "https://www.suse.com/security/cve/CVE-2020-36151"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181978 for CVE-2020-36151",
          "url": "https://bugzilla.suse.com/1181978"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-36151"
    },
    {
      "cve": "CVE-2020-36152",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-36152"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-36152",
          "url": "https://www.suse.com/security/cve/CVE-2020-36152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1181977 for CVE-2020-36152",
          "url": "https://bugzilla.suse.com/1181977"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-36152"
    },
    {
      "cve": "CVE-2020-6860",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-6860"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
          "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
          "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-6860",
          "url": "https://www.suse.com/security/cve/CVE-2020-6860"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1182883 for CVE-2020-6860",
          "url": "https://bugzilla.suse.com/1182883"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa-devel-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.aarch64",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.ppc64le",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.s390x",
            "SUSE Package Hub 15 SP2:libmysofa0-0.9.1-bp152.4.3.1.x86_64",
            "SUSE Package Hub 15 SP2:libmysofa0-64bit-0.9.1-bp152.4.3.1.aarch64_ilp32"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2021-03-21T23:09:29Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-6860"
    }
  ]
}

CVE-2019-20063 (GCVE-0-2019-20063)

Vulnerability from cvelistv5

Published

2019-12-29 19:59

Modified

2024-08-05 02:32

Severity ?

CWE

Summary

hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/67	x_refsource_MISC
	https://github.com/hoene/libmysofa/compare/v0.7...v0.8	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:10.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/67"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/compare/v0.7...v0.8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-29T19:59:59",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/67"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/compare/v0.7...v0.8"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-20063",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/67",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/67"
            },
            {
              "name": "https://github.com/hoene/libmysofa/compare/v0.7...v0.8",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/compare/v0.7...v0.8"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-20063",
    "datePublished": "2019-12-29T19:59:59",
    "dateReserved": "2019-12-29T00:00:00",
    "dateUpdated": "2024-08-05T02:32:10.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16095 (GCVE-0-2019-16095)

Vulnerability from cvelistv5

Published

2019-09-08 02:40

Modified

2024-08-05 01:03

Severity ?

CWE

Summary

Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/compare/f571522...e07edb3	x_refsource_MISC
	https://usn.ubuntu.com/4473-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.758Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
          },
          {
            "name": "USN-4473-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4473-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T15:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
        },
        {
          "name": "USN-4473-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4473-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16095",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
            },
            {
              "name": "USN-4473-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4473-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16095",
    "datePublished": "2019-09-08T02:40:47",
    "dateReserved": "2019-09-07T00:00:00",
    "dateUpdated": "2024-08-05T01:03:32.758Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-6860 (GCVE-0-2020-6860)

Vulnerability from cvelistv5

Published

2020-01-13 06:24

Modified

2024-08-04 09:11

Severity ?

CWE

Summary

libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/96	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WGY7TAZX2M4NYXXGNHIBBKKN5XMSMKQ4/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGQ45S4RH7MC42NHTAGOIHYR4C5IRTMZ/	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:11:05.201Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/96"
          },
          {
            "name": "FEDORA-2021-36ac17e5ac",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WGY7TAZX2M4NYXXGNHIBBKKN5XMSMKQ4/"
          },
          {
            "name": "FEDORA-2021-28b495e9e0",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGQ45S4RH7MC42NHTAGOIHYR4C5IRTMZ/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-16T02:06:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/96"
        },
        {
          "name": "FEDORA-2021-36ac17e5ac",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WGY7TAZX2M4NYXXGNHIBBKKN5XMSMKQ4/"
        },
        {
          "name": "FEDORA-2021-28b495e9e0",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PGQ45S4RH7MC42NHTAGOIHYR4C5IRTMZ/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-6860",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/96",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/96"
            },
            {
              "name": "FEDORA-2021-36ac17e5ac",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGY7TAZX2M4NYXXGNHIBBKKN5XMSMKQ4/"
            },
            {
              "name": "FEDORA-2021-28b495e9e0",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PGQ45S4RH7MC42NHTAGOIHYR4C5IRTMZ/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-6860",
    "datePublished": "2020-01-13T06:24:16",
    "dateReserved": "2020-01-13T00:00:00",
    "dateUpdated": "2024-08-04T09:11:05.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-36148 (GCVE-0-2020-36148)

Vulnerability from cvelistv5

Published

2021-02-08 20:13

Modified

2024-08-04 17:23

Severity ?

CWE

Summary

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/138	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:23:09.359Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/138"
          },
          {
            "name": "FEDORA-2021-4e40ccb5e6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-26T02:06:18",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/138"
        },
        {
          "name": "FEDORA-2021-4e40ccb5e6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-36148",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/138",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/138"
            },
            {
              "name": "FEDORA-2021-4e40ccb5e6",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-36148",
    "datePublished": "2021-02-08T20:13:35",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-04T17:23:09.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-36151 (GCVE-0-2020-36151)

Vulnerability from cvelistv5

Published

2021-02-08 20:13

Modified

2024-08-04 17:23

Severity ?

CWE

Summary

Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/134	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:23:09.285Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/134"
          },
          {
            "name": "FEDORA-2021-4e40ccb5e6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-26T02:06:19",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/134"
        },
        {
          "name": "FEDORA-2021-4e40ccb5e6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-36151",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/134",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/134"
            },
            {
              "name": "FEDORA-2021-4e40ccb5e6",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-36151",
    "datePublished": "2021-02-08T20:13:36",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-04T17:23:09.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16091 (GCVE-0-2019-16091)

Vulnerability from cvelistv5

Published

2019-09-08 02:41

Modified

2024-08-05 01:03

Severity ?

CWE

Summary

Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/compare/f571522...e07edb3	x_refsource_MISC
	https://usn.ubuntu.com/4473-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.854Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
          },
          {
            "name": "USN-4473-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4473-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T15:06:14",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
        },
        {
          "name": "USN-4473-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4473-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16091",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
            },
            {
              "name": "USN-4473-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4473-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16091",
    "datePublished": "2019-09-08T02:41:28",
    "dateReserved": "2019-09-07T00:00:00",
    "dateUpdated": "2024-08-05T01:03:32.854Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-20016 (GCVE-0-2019-20016)

Vulnerability from cvelistv5

Published

2019-12-27 01:12

Modified

2024-08-05 02:32

Severity ?

CWE

Summary

libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/83	x_refsource_MISC
	https://github.com/hoene/libmysofa/issues/84	x_refsource_MISC
	https://github.com/hoene/libmysofa/commit/2e6fac6ab6156dae8e8c6f417741388084b70d6f	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:10.482Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/83"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/84"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/commit/2e6fac6ab6156dae8e8c6f417741388084b70d6f"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-27T15:08:03",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/83"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/84"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/commit/2e6fac6ab6156dae8e8c6f417741388084b70d6f"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-20016",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/83",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/83"
            },
            {
              "name": "https://github.com/hoene/libmysofa/issues/84",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/84"
            },
            {
              "name": "https://github.com/hoene/libmysofa/commit/2e6fac6ab6156dae8e8c6f417741388084b70d6f",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/commit/2e6fac6ab6156dae8e8c6f417741388084b70d6f"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-20016",
    "datePublished": "2019-12-27T01:12:25",
    "dateReserved": "2019-12-27T00:00:00",
    "dateUpdated": "2024-08-05T02:32:10.482Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16093 (GCVE-0-2019-16093)

Vulnerability from cvelistv5

Published

2019-09-08 02:41

Modified

2024-08-05 01:03

Severity ?

CWE

Summary

Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/compare/f571522...e07edb3	x_refsource_MISC
	https://usn.ubuntu.com/4473-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
          },
          {
            "name": "USN-4473-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4473-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T15:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
        },
        {
          "name": "USN-4473-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4473-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16093",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
            },
            {
              "name": "USN-4473-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4473-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16093",
    "datePublished": "2019-09-08T02:41:07",
    "dateReserved": "2019-09-07T00:00:00",
    "dateUpdated": "2024-08-05T01:03:32.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16094 (GCVE-0-2019-16094)

Vulnerability from cvelistv5

Published

2019-09-08 02:40

Modified

2024-08-05 01:03

Severity ?

CWE

Summary

Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/compare/f571522...e07edb3	x_refsource_MISC
	https://usn.ubuntu.com/4473-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.770Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
          },
          {
            "name": "USN-4473-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4473-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T15:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
        },
        {
          "name": "USN-4473-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4473-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16094",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
            },
            {
              "name": "USN-4473-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4473-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16094",
    "datePublished": "2019-09-08T02:40:58",
    "dateReserved": "2019-09-07T00:00:00",
    "dateUpdated": "2024-08-05T01:03:32.770Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16092 (GCVE-0-2019-16092)

Vulnerability from cvelistv5

Published

2019-09-08 02:41

Modified

2024-08-05 01:03

Severity ?

CWE

Summary

Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/compare/f571522...e07edb3	x_refsource_MISC
	https://usn.ubuntu.com/4473-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.657Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
          },
          {
            "name": "USN-4473-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4473-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T15:06:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
        },
        {
          "name": "USN-4473-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4473-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16092",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/compare/f571522...e07edb3"
            },
            {
              "name": "USN-4473-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4473-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16092",
    "datePublished": "2019-09-08T02:41:16",
    "dateReserved": "2019-09-07T00:00:00",
    "dateUpdated": "2024-08-05T01:03:32.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-36149 (GCVE-0-2020-36149)

Vulnerability from cvelistv5

Published

2021-02-08 20:13

Modified

2024-08-04 17:23

Severity ?

CWE

Summary

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/137	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:23:09.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/137"
          },
          {
            "name": "FEDORA-2021-4e40ccb5e6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-26T02:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/137"
        },
        {
          "name": "FEDORA-2021-4e40ccb5e6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-36149",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/137",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/137"
            },
            {
              "name": "FEDORA-2021-4e40ccb5e6",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-36149",
    "datePublished": "2021-02-08T20:13:36",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-04T17:23:09.370Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-36152 (GCVE-0-2020-36152)

Vulnerability from cvelistv5

Published

2021-02-08 20:13

Modified

2024-08-04 17:23

Severity ?

CWE

Summary

Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/136	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:23:09.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/136"
          },
          {
            "name": "FEDORA-2021-4e40ccb5e6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-26T02:06:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/136"
        },
        {
          "name": "FEDORA-2021-4e40ccb5e6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-36152",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/136",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/136"
            },
            {
              "name": "FEDORA-2021-4e40ccb5e6",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-36152",
    "datePublished": "2021-02-08T20:13:36",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-04T17:23:09.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-36150 (GCVE-0-2020-36150)

Vulnerability from cvelistv5

Published

2021-02-08 20:13

Modified

2024-08-04 17:23

Severity ?

CWE

Summary

Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.

References

▼	URL	Tags
	https://github.com/hoene/libmysofa/issues/135	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:23:09.568Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/hoene/libmysofa/issues/135"
          },
          {
            "name": "FEDORA-2021-4e40ccb5e6",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-26T02:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/hoene/libmysofa/issues/135"
        },
        {
          "name": "FEDORA-2021-4e40ccb5e6",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-36150",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/hoene/libmysofa/issues/135",
              "refsource": "MISC",
              "url": "https://github.com/hoene/libmysofa/issues/135"
            },
            {
              "name": "FEDORA-2021-4e40ccb5e6",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-36150",
    "datePublished": "2021-02-08T20:13:36",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-04T17:23:09.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

opensuse-su-2021:0459-1

Vulnerability from csaf_opensuse

CVE-2019-20063 (GCVE-0-2019-20063)

Vulnerability from cvelistv5

CVE-2019-16095 (GCVE-0-2019-16095)

Vulnerability from cvelistv5

CVE-2020-6860 (GCVE-0-2020-6860)

Vulnerability from cvelistv5

CVE-2020-36148 (GCVE-0-2020-36148)

Vulnerability from cvelistv5

CVE-2020-36151 (GCVE-0-2020-36151)

Vulnerability from cvelistv5

CVE-2019-16091 (GCVE-0-2019-16091)

Vulnerability from cvelistv5

CVE-2019-20016 (GCVE-0-2019-20016)

Vulnerability from cvelistv5

CVE-2019-16093 (GCVE-0-2019-16093)

Vulnerability from cvelistv5

CVE-2019-16094 (GCVE-0-2019-16094)

Vulnerability from cvelistv5

CVE-2019-16092 (GCVE-0-2019-16092)

Vulnerability from cvelistv5

CVE-2020-36149 (GCVE-0-2020-36149)

Vulnerability from cvelistv5

CVE-2020-36152 (GCVE-0-2020-36152)

Vulnerability from cvelistv5

CVE-2020-36150 (GCVE-0-2020-36150)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature