logo
DATABASE RESOURCES PRICING ABOUT US

USN-4168-1: Libidn2 vulnerabilities | Cloud Foundry

Description

# ## Severity Medium ## Vendor Canonical Ubuntu ## Versions Affected * Canonical Ubuntu 18.04 ## Description It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to impersonate domains. (CVE-2019-12290) It was discovered that Libidn2 incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-18224) CVEs contained in this USN include: CVE-2019-12290, CVE-2019-18224 ## Affected Cloud Foundry Products and Versions _Severity is medium unless otherwise noted._ * All versions of Cloud Foundry cflinuxfs3 prior to 0.138.0 ## Mitigation Users of affected products are strongly encouraged to follow one of the mitigations below: * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.138.0 or later. ## References * [USN-4168-1](<https://usn.ubuntu.com/4168-1>) * [CVE-2019-12290](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12290>) * [CVE-2019-18224](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18224>)


Related