Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud Crowbar 9 package sane-backends, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2020-12861 — CVSS 8.8 (high): A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to…
CVE-2020-12865 — CVSS 8.0 (high): A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to…
CVE-2017-6318 — CVSS 7.5 (high): saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.
CVE-2020-12866 — CVSS 5.7 (medium): A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to…
CVE-2020-12867 — CVSS 5.5 (medium): A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local…
CVE-2020-12864 — CVSS 4.3 (medium): An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read…
CVE-2020-12863 — CVSS 4.3 (medium): An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read…
CVE-2020-12862 — CVSS 4.3 (medium): An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read…