RHEL 7:ImageMagick (RHSA-2020:1180)

critical Nessus Plugin ID 135041
新推出!Plugin 嚴重性目前使用 CVSS v3

計算 Plugin 嚴重性已更新為預設使用 CVSS v3 沒有 CVSS v3 評分的 Plugin 會回歸到以 CVSS v2 計算嚴重性。您可在設定下拉式選單中切換顯示嚴重性的喜好設定

Synopsis

遠端 Red Hat 主機缺少一個或多個安全性更新。

描述

遠端 Redhat Enterprise Linux 7 主機已安裝受到多個弱點影響的套件,如 RHSA-2020:1180 公告中所提及。

- ImageMagick:coders/dds.c 的 ReadDDSInfo 函數中存在 CPU 耗盡弱點 (CVE-2017-1000476)

- ImageMagick:coders/xwd.c 的 ReadXWDImage 函數中存在記憶體洩漏弱點 (CVE-2017-11166)

- ImageMagick:ReadTIFFImage 函數中發生記憶體耗盡,導致拒絕服務 (CVE-2017-12805)

- ImageMagick:format8BIM 函數中發生記憶體耗盡,導致拒絕服務 (CVE-2017-12806)

- ImageMagick:coders/pcd.c 的 ReadPCDImage 函數中發生記憶體洩漏 (CVE-2017-18251)

- ImageMagick:MagickWand/mogrify.c 的 MogrifyImageList 函數中發生宣告失敗 (CVE-2017-18252)

- ImageMagick:coders/gif.c 的 WriteGIFImage 函數中發生記憶體洩漏 (CVE-2017-18254)

- ImageMagick:coders/miff.c 的 ReadMIFFImage 函數中存在無限迴圈 (CVE-2017-18271)

- ImageMagick:coders/txt.c 的 ReadTXTImage 函數中存在無限迴圈 (CVE-2017-18273)

- ImageMagick:coders/png.c:ReadOneMNGImage() 中的無限迴圈允許攻擊者透過構建的 MNG 檔案造成拒絕服務 (CVE-2018-10177)

- ImageMagick:WriteTIFFImage 中發生記憶體洩漏 (CVE-2018-10804)

- ImageMagick:ReadYCBCRImage 中發生記憶體洩漏 (CVE-2018-10805)

- ImageMagick:coders/dcm.c 的 ReadDCMImage 函數中發生記憶體洩漏 (CVE-2018-11656)

- ImageMagick:coders/bmp.c 的 ReadBMPImage 和 WriteBMPImage 中發生越界寫入 (CVE-2018-12599)

- ImageMagick:coders/dib.c 的 ReadDIBImage 和 WriteDIBImage 中發生越界寫入 (CVE-2018-12600)

- ImageMagick:MagickCore/animate.c 的 XMagickCommand 函數中發生記憶體洩漏 (CVE-2018-13153)

- ImageMagick:coders/mpc.c 的 WriteMPCImage 中發生針對 colormap 的記憶體洩漏 (CVE-2018-14434)

- ImageMagick:coders/pcd.c 的 DecodeImage 中發生記憶體洩漏 (CVE-2018-14435)

- ImageMagick:coders/miff.c 的 ReadMIFFImage 中發生記憶體洩漏 (CVE-2018-14436)

- ImageMagick:coders/meta.c 的 parse8BIM 中發生記憶體洩漏 (CVE-2018-14437)

- ImageMagick:透過構建的輸入檔案造成 CPU 耗盡 (CVE-2018-15607)

- ImageMagick:MagickCore/log.c 的 CheckEventLogging 函數中存在 NULL 指標取消參照 (CVE-2018-16328)

- ImageMagick:coders/png.c 的 ReadOneJNGImage 中存在可存取宣告 (CVE-2018-16749)

- ImageMagick:coders/meta.c 的 formatIPTCfromBuffer 函數中發生記憶體洩漏 (CVE-2018-16750)

- ImageMagick:coders/msl.c 的 WriteMSLImage 中發生記憶體洩漏 (CVE-2018-18544)

- ImageMagick:coders/bmp.c 中存在無限迴圈 (CVE-2018-20467)

- ImageMagick:coders/ept.c 的 WriteEPTImage 函數中發生雙重釋放 (CVE-2018-8804)

- ImageMagick:coders/tiff.c 的 DecodeLabImage 和 EncodeLabImage 函數中存在過度反覆運算 (CVE-2018-9133)

- ImageMagick:coders/meta.c 的 formatIPTCfromBuffer 函式中的差一讀取 (CVE-2019-10131)。

- ImageMagick:coders/tiff.c 的 WriteTIFFImage 中發生堆積型緩衝區過度讀取,導致拒絕服務,或透過構建的影像檔案造成資訊洩漏 (CVE-2019-10650)

- ImageMagick:cineon 剖析元件中存在拒絕服務 (CVE-2019-11470)

- ImageMagick:在 XWD 影像剖析元件中,coders/xwd.c 的 ReadXWDImage 中存在拒絕服務 (CVE-2019-11472)

- ImageMagick:coders/tiff.c 的 WriteTIFFImage 函數中發生堆積型緩衝區過度讀取,導致 DoS 或資訊洩漏 (CVE-2019-11597)

- ImageMagick:coders/pnm.c 的 WritePNMImage 函數中發生堆積型緩衝區過度讀取,導致 DoS 或資訊洩漏 (CVE-2019-11598)

- imagemagick:coders/pango.c 的 ReadPANGOImage 函數和 coders/vid.c 的 ReadVIDImage 中存在 NULL 指標取消參照,會導致拒絕服務 (CVE-2019-12974)

- imagemagick:coders/dpx.c 的 WriteDPXImage 函數中存在記憶體洩漏弱點 (CVE-2019-12975)

- imagemagick:coders/pcl.c 的 ReadPCLImage 函數中存在記憶體洩漏弱點 (CVE-2019-12976)

- imagemagick:coders/pango.c 的 ReadPANGOImage 函數中使用未初始化的值(CVE-2019-12978)

- imagemagick:MagickCore/image.c 的 SyncImageSettings 函數中使用未初始化的值 (CVE-2019-12979)

- ImageMagick:coders/bmp.c 的 ReadBMPImage 函數中存在記憶體洩漏弱點 (CVE-2019-13133)

- ImageMagick:coders/viff.c 的 ReadVIFFImage 函數中存在記憶體洩漏弱點 (CVE-2019-13134)

- ImageMagick:ReadCUTImage 函數中存在「使用未初始化值」弱點,導致損毀和 DoS (CVE-2019-13135)

- ImageMagick:AdaptiveThresholdImage 的 MagickCore/threshold.c 存在堆積型緩衝區過度讀取,這是零寬度處理不當所致 (CVE-2019-13295)

- ImageMagick:AdaptiveThresholdImage 的 MagickCore/threshold.c 存在堆積型緩衝區過度讀取,這是零高度處理不當所致 (CVE-2019-13297)

- ImageMagick:EvaluateImages 中的 MagickCore/statistic.c 存在堆積型緩衝區溢位,這是欄處理不當所致 (CVE-2019-13300)

- ImageMagick:AcquireMagickMemory 中發生記憶體洩漏 (CVE-2019-13301)

- ImageMagick:WritePNMImage 的 coders/pnm.c 存在堆疊型緩衝區溢位,這是指派錯放所致 (CVE-2019-13304)

- ImageMagick:WritePNMImage 的 coders/pnm.c 存在堆疊型緩衝區溢位,這是 strncpy 錯放和差一錯誤所致 (CVE-2019-13305)

- ImageMagick:WritePNMImage 的 coders/pnm.c 存在堆疊型緩衝區溢位,這是差一錯誤所致 (CVE-2019-13306)

- ImageMagick:EvaluateImages 中的 MagickCore/statistic.c 存在堆積型緩衝區溢位,這是列處理不當所致 (CVE-2019-13307)

- ImageMagick:AcquireMagickMemory 發生記憶體洩漏,這是未正確處理 CLIListOperatorImages 中的 NoSuchImage 錯誤所致 (CVE-2019-13309)

- ImageMagick:AcquireMagickMemory 發生記憶體洩漏,這是 MagickWand/mogrify.c 中的錯誤所致 (CVE-2019-13310)

- ImageMagick:AcquireMagickMemory 發生記憶體洩漏,這是 wand/mogrify.c error 錯誤所致 (CVE-2019-13311)

- ImageMagick:MagickCore/layer.c 的 RemoveDuplicateLayers 中存在除以零問題 (CVE-2019-13454)

- ImageMagick:magick/blob.c resulting 中發生釋放後使用,導致拒絕服務 (CVE-2019-14980)

- ImageMagick:MagickCore/feature.c 的 MeanShiftImage 中存在除以零問題 (CVE-2019-14981)

- ImageMagick:coders/xwd.c 的 ReadXWDImage 中存在越界讀取 (CVE-2019-15139)

- ImageMagick:coders/mat.c 的 ReadMATImage 中發生釋放後使用 (CVE-2019-15140)

- ImageMagick:coders/tiff.c 的 WriteTIFFImage 中存在堆積型緩衝區溢位 (CVE-2019-15141)

- ImageMagick:magick/xwindow.c 中發生記憶體洩漏 (CVE-2019-16708)

- ImageMagick:coders/dps.c 中發生記憶體洩漏 (CVE-2019-16709)

- ImageMagick:coders/dot.c 中發生記憶體洩漏 (CVE-2019-16710、CVE-2019-16713)

- ImageMagick:coders/ps2.c 的 Huffman2DEncodeImage 中發生記憶體洩漏 (CVE-2019-16711)

- ImageMagick:coders/ps3.c 的 Huffman2DEncodeImage 中發生記憶體洩漏 (CVE-2019-16712)

- ImageMagick:coders/ps.c 的 ReadPSInfo 中存在堆積型緩衝區溢位 (CVE-2019-17540)

- ImageMagick:coders/jpeg.c 的 ReadICCProfile 函數中發生釋放後使用 (CVE-2019-17541)

- ImageMagick:coders/sgi.c 的 WriteSGIImage 中存在堆積型緩衝區溢位 (CVE-2019-19948)

- ImageMagick:coders/png.c 的 WritePNGImage 中存在堆積型緩衝區過度讀取 (CVE-2019-19949)

- ImageMagick:coders/pcd.c 的 DecodeImage 函數中發生記憶體洩漏 (CVE-2019-7175)

- ImageMagick:coders/pdf.c 的 WritePDFImage 函數中發生記憶體洩漏 (CVE-2019-7397)

- ImageMagick:coders/dib.c 的 WriteDIBImage 函數中發生記憶體洩漏 (CVE-2019-7398)

- ImageMagick:coders/ps.c 的 PopHexPixel 函數中存在堆疊型緩衝區溢位 (CVE-2019-9956)

請注意,Nessus 並未測試此問題,而是僅依據應用程式自我報告的版本號碼。

解決方案

更新受影響的套件。

另請參閱

https://cwe.mitre.org/data/definitions/20.html

https://cwe.mitre.org/data/definitions/119.html

https://cwe.mitre.org/data/definitions/121.html

https://cwe.mitre.org/data/definitions/122.html

https://cwe.mitre.org/data/definitions/125.html

https://cwe.mitre.org/data/definitions/193.html

https://cwe.mitre.org/data/definitions/200.html

https://cwe.mitre.org/data/definitions/248.html

https://cwe.mitre.org/data/definitions/369.html

https://cwe.mitre.org/data/definitions/400.html

https://cwe.mitre.org/data/definitions/401.html

https://cwe.mitre.org/data/definitions/416.html

https://cwe.mitre.org/data/definitions/456.html

https://cwe.mitre.org/data/definitions/476.html

https://cwe.mitre.org/data/definitions/617.html

https://cwe.mitre.org/data/definitions/772.html

https://cwe.mitre.org/data/definitions/787.html

https://cwe.mitre.org/data/definitions/835.html

https://access.redhat.com/security/cve/CVE-2017-11166

https://access.redhat.com/security/cve/CVE-2017-12805

https://access.redhat.com/security/cve/CVE-2017-12806

https://access.redhat.com/security/cve/CVE-2017-18251

https://access.redhat.com/security/cve/CVE-2017-18252

https://access.redhat.com/security/cve/CVE-2017-18254

https://access.redhat.com/security/cve/CVE-2017-18271

https://access.redhat.com/security/cve/CVE-2017-18273

https://access.redhat.com/security/cve/CVE-2017-1000476

https://access.redhat.com/security/cve/CVE-2018-8804

https://access.redhat.com/security/cve/CVE-2018-9133

https://access.redhat.com/security/cve/CVE-2018-10177

https://access.redhat.com/security/cve/CVE-2018-10804

https://access.redhat.com/security/cve/CVE-2018-10805

https://access.redhat.com/security/cve/CVE-2018-11656

https://access.redhat.com/security/cve/CVE-2018-12599

https://access.redhat.com/security/cve/CVE-2018-12600

https://access.redhat.com/security/cve/CVE-2018-13153

https://access.redhat.com/security/cve/CVE-2018-14434

https://access.redhat.com/security/cve/CVE-2018-14435

https://access.redhat.com/security/cve/CVE-2018-14436

https://access.redhat.com/security/cve/CVE-2018-14437

https://access.redhat.com/security/cve/CVE-2018-15607

https://access.redhat.com/security/cve/CVE-2018-16328

https://access.redhat.com/security/cve/CVE-2018-16640

https://access.redhat.com/security/cve/CVE-2018-16642

https://access.redhat.com/security/cve/CVE-2018-16643

https://access.redhat.com/security/cve/CVE-2018-16644

https://access.redhat.com/security/cve/CVE-2018-16645

https://access.redhat.com/security/cve/CVE-2018-16749

https://access.redhat.com/security/cve/CVE-2018-16750

https://access.redhat.com/security/cve/CVE-2018-17966

https://access.redhat.com/security/cve/CVE-2018-17967

https://access.redhat.com/security/cve/CVE-2018-18016

https://access.redhat.com/security/cve/CVE-2018-18024

https://access.redhat.com/security/cve/CVE-2018-18544

https://access.redhat.com/security/cve/CVE-2018-20467

https://access.redhat.com/security/cve/CVE-2019-7175

https://access.redhat.com/security/cve/CVE-2019-7397

https://access.redhat.com/security/cve/CVE-2019-7398

https://access.redhat.com/security/cve/CVE-2019-9956

https://access.redhat.com/security/cve/CVE-2019-10131

https://access.redhat.com/security/cve/CVE-2019-10650

https://access.redhat.com/security/cve/CVE-2019-11470

https://access.redhat.com/security/cve/CVE-2019-11472

https://access.redhat.com/security/cve/CVE-2019-11597

https://access.redhat.com/security/cve/CVE-2019-11598

https://access.redhat.com/security/cve/CVE-2019-12974

https://access.redhat.com/security/cve/CVE-2019-12975

https://access.redhat.com/security/cve/CVE-2019-12976

https://access.redhat.com/security/cve/CVE-2019-12978

https://access.redhat.com/security/cve/CVE-2019-12979

https://access.redhat.com/security/cve/CVE-2019-13133

https://access.redhat.com/security/cve/CVE-2019-13134

https://access.redhat.com/security/cve/CVE-2019-13135

https://access.redhat.com/security/cve/CVE-2019-13295

https://access.redhat.com/security/cve/CVE-2019-13297

https://access.redhat.com/security/cve/CVE-2019-13300

https://access.redhat.com/security/cve/CVE-2019-13301

https://access.redhat.com/security/cve/CVE-2019-13304

https://access.redhat.com/security/cve/CVE-2019-13305

https://access.redhat.com/security/cve/CVE-2019-13306

https://access.redhat.com/security/cve/CVE-2019-13307

https://access.redhat.com/security/cve/CVE-2019-13309

https://access.redhat.com/security/cve/CVE-2019-13310

https://access.redhat.com/security/cve/CVE-2019-13311

https://access.redhat.com/security/cve/CVE-2019-13454

https://access.redhat.com/security/cve/CVE-2019-14980

https://access.redhat.com/security/cve/CVE-2019-14981

https://access.redhat.com/security/cve/CVE-2019-15139

https://access.redhat.com/security/cve/CVE-2019-15140

https://access.redhat.com/security/cve/CVE-2019-15141

https://access.redhat.com/security/cve/CVE-2019-16708

https://access.redhat.com/security/cve/CVE-2019-16709

https://access.redhat.com/security/cve/CVE-2019-16710

https://access.redhat.com/security/cve/CVE-2019-16711

https://access.redhat.com/security/cve/CVE-2019-16712

https://access.redhat.com/security/cve/CVE-2019-16713

https://access.redhat.com/security/cve/CVE-2019-17540

https://access.redhat.com/security/cve/CVE-2019-17541

https://access.redhat.com/security/cve/CVE-2019-19948

https://access.redhat.com/security/cve/CVE-2019-19949

https://access.redhat.com/errata/RHSA-2020:1180

https://bugzilla.redhat.com/1532845

https://bugzilla.redhat.com/1559892

https://bugzilla.redhat.com/1561741

https://bugzilla.redhat.com/1561742

https://bugzilla.redhat.com/1561744

https://bugzilla.redhat.com/1563875

https://bugzilla.redhat.com/1572044

https://bugzilla.redhat.com/1577398

https://bugzilla.redhat.com/1577399

https://bugzilla.redhat.com/1581486

https://bugzilla.redhat.com/1581489

https://bugzilla.redhat.com/1588170

https://bugzilla.redhat.com/1594338

https://bugzilla.redhat.com/1594339

https://bugzilla.redhat.com/1598471

https://bugzilla.redhat.com/1609933

https://bugzilla.redhat.com/1609936

https://bugzilla.redhat.com/1609939

https://bugzilla.redhat.com/1609942

https://bugzilla.redhat.com/1622738

https://bugzilla.redhat.com/1624955

https://bugzilla.redhat.com/1626570

https://bugzilla.redhat.com/1626591

https://bugzilla.redhat.com/1626599

https://bugzilla.redhat.com/1626606

https://bugzilla.redhat.com/1626611

https://bugzilla.redhat.com/1627916

https://bugzilla.redhat.com/1627917

https://bugzilla.redhat.com/1636579

https://bugzilla.redhat.com/1636587

https://bugzilla.redhat.com/1636590

https://bugzilla.redhat.com/1637189

https://bugzilla.redhat.com/1642614

https://bugzilla.redhat.com/1664845

https://bugzilla.redhat.com/1672560

https://bugzilla.redhat.com/1672564

https://bugzilla.redhat.com/1687436

https://bugzilla.redhat.com/1692300

https://bugzilla.redhat.com/1700755

https://bugzilla.redhat.com/1704762

https://bugzilla.redhat.com/1705406

https://bugzilla.redhat.com/1705414

https://bugzilla.redhat.com/1707768

https://bugzilla.redhat.com/1707770

https://bugzilla.redhat.com/1708517

https://bugzilla.redhat.com/1708521

https://bugzilla.redhat.com/1726078

https://bugzilla.redhat.com/1726081

https://bugzilla.redhat.com/1726104

https://bugzilla.redhat.com/1728474

https://bugzilla.redhat.com/1730329

https://bugzilla.redhat.com/1730333

https://bugzilla.redhat.com/1730337

https://bugzilla.redhat.com/1730351

https://bugzilla.redhat.com/1730357

https://bugzilla.redhat.com/1730361

https://bugzilla.redhat.com/1730364

https://bugzilla.redhat.com/1730575

https://bugzilla.redhat.com/1730580

https://bugzilla.redhat.com/1730596

https://bugzilla.redhat.com/1730604

https://bugzilla.redhat.com/1732278

https://bugzilla.redhat.com/1732282

https://bugzilla.redhat.com/1732284

https://bugzilla.redhat.com/1732292

https://bugzilla.redhat.com/1732294

https://bugzilla.redhat.com/1757779

https://bugzilla.redhat.com/1757911

https://bugzilla.redhat.com/1765330

https://bugzilla.redhat.com/1767087

https://bugzilla.redhat.com/1767802

https://bugzilla.redhat.com/1767812

https://bugzilla.redhat.com/1767828

https://bugzilla.redhat.com/1772643

https://bugzilla.redhat.com/1792480

https://bugzilla.redhat.com/1793177

https://bugzilla.redhat.com/1801661

https://bugzilla.redhat.com/1801665

https://bugzilla.redhat.com/1801667

https://bugzilla.redhat.com/1801673

https://bugzilla.redhat.com/1801674

https://bugzilla.redhat.com/1801681

Plugin 詳細資訊

嚴重性: Critical

ID: 135041

檔案名稱: redhat-RHSA-2020-1180.nasl

版本: 1.6

類型: local

代理程式: unix

已發布: 2020/3/31

已更新: 2021/10/13

相依性: ssh_get_info.nasl, redhat_repos.nasl

風險資訊

CVSS 評分資料來源: CVE-2019-19948

VPR

風險因素: Medium

分數: 6.7

CVSS v2

風險因素: High

基本分數: 7.5

時間分數: 5.5

媒介: AV:N/AC:L/Au:N/C:P/I:P/A:P

時間媒介: E:U/RL:OF/RC:C

CVSS v3

風險因素: Critical

基本分數: 9.8

時間分數: 8.5

媒介: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

時間媒介: E:U/RL:O/RC:C

弱點資訊

CPE: cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:ImageMagick, p-cpe:/a:redhat:enterprise_linux:imagemagick-c%2b%2b, p-cpe:/a:redhat:enterprise_linux:imagemagick-c%2b%2b-devel, p-cpe:/a:redhat:enterprise_linux:ImageMagick-devel, p-cpe:/a:redhat:enterprise_linux:ImageMagick-doc, p-cpe:/a:redhat:enterprise_linux:ImageMagick-perl, p-cpe:/a:redhat:enterprise_linux:autotrace, p-cpe:/a:redhat:enterprise_linux:autotrace-devel, p-cpe:/a:redhat:enterprise_linux:emacs, p-cpe:/a:redhat:enterprise_linux:emacs-common, p-cpe:/a:redhat:enterprise_linux:emacs-el, p-cpe:/a:redhat:enterprise_linux:emacs-filesystem, p-cpe:/a:redhat:enterprise_linux:emacs-nox, p-cpe:/a:redhat:enterprise_linux:emacs-terminal, p-cpe:/a:redhat:enterprise_linux:inkscape, p-cpe:/a:redhat:enterprise_linux:inkscape-docs, p-cpe:/a:redhat:enterprise_linux:inkscape-view

必要的 KB 項目: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

可輕鬆利用: No known exploits are available

修補程式發佈日期: 2020/3/31

弱點發布日期: 2017/7/10

參考資訊

CVE: CVE-2017-11166, CVE-2017-12805, CVE-2017-12806, CVE-2017-18251, CVE-2017-18252, CVE-2017-18254, CVE-2017-18271, CVE-2017-18273, CVE-2017-1000476, CVE-2018-8804, CVE-2018-9133, CVE-2018-10177, CVE-2018-10804, CVE-2018-10805, CVE-2018-11656, CVE-2018-12599, CVE-2018-12600, CVE-2018-13153, CVE-2018-14434, CVE-2018-14435, CVE-2018-14436, CVE-2018-14437, CVE-2018-15607, CVE-2018-16328, CVE-2018-16749, CVE-2018-16750, CVE-2018-18544, CVE-2018-20467, CVE-2019-7175, CVE-2019-7397, CVE-2019-7398, CVE-2019-9956, CVE-2019-10131, CVE-2019-10650, CVE-2019-11470, CVE-2019-11472, CVE-2019-11597, CVE-2019-11598, CVE-2019-12974, CVE-2019-12975, CVE-2019-12976, CVE-2019-12978, CVE-2019-12979, CVE-2019-13133, CVE-2019-13134, CVE-2019-13135, CVE-2019-13295, CVE-2019-13297, CVE-2019-13300, CVE-2019-13301, CVE-2019-13304, CVE-2019-13305, CVE-2019-13306, CVE-2019-13307, CVE-2019-13309, CVE-2019-13310, CVE-2019-13311, CVE-2019-13454, CVE-2019-14980, CVE-2019-14981, CVE-2019-15139, CVE-2019-15140, CVE-2019-15141, CVE-2019-16708, CVE-2019-16709, CVE-2019-16710, CVE-2019-16711, CVE-2019-16712, CVE-2019-16713, CVE-2019-17540, CVE-2019-17541, CVE-2019-19948, CVE-2019-19949

BID: 102428, 103498, 104591, 104687, 105137, 106268, 106315, 106561, 106847, 106848, 107333, 107546, 107646, 108102, 108117, 108448, 108492, 108913, 109099, 109308, 109362

RHSA: 2020:1180

IAVB: 2019-B-0032-S, 2019-B-0013-S, 2019-B-0056-S, 2019-B-0062-S

CWE: 20, 119, 121, 122, 125, 193, 200, 248, 369, 400, 401, 416, 456, 476, 617, 772, 787, 835