9382 matches found
Amazon Linux AMI : curl (ALAS-2019-1233)
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl. CVE-2019-5436 An integer overflow in curl's URL API results in a buffer overflow in libcurl. CVE-2019-5435 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
Amazon Linux AMI : libxslt (ALAS-2019-1241)
libxslt allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. CVE-2019-11068 C Tenable Network Security,...
Amazon Linux AMI : tomcat8 (ALAS-2019-1234)
The HTTP/2 implementation in Apache Tomcat accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able...
Amazon Linux AMI : vim (ALAS-2019-1239)
It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text file in vim could result in arbitrary command execution. CVE-2019-12735 C Tenable Network Security, Inc. The descriptive text and package checks in...
Amazon Linux AMI : python34 (ALAS-2019-1242)
An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the query string after a ? character followed by an HTTP header...
Amazon Linux AMI : php54-pecl-imagick / php55-pecl-imagick,php56-pecl-imagick,php70-pecl-imagick,php71-pecl-imagick,php72-pecl-imagick (ALAS-2019-1237)
In PHP imagick extension, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party. CVE-2019-11037 C...
Amazon Linux AMI : docker (ALAS-2019-1245)
A flaw was discovered in the API endpoint behind the 'docker cp' command. The endpoint is vulnerable to a Time Of Check to Time Of Use TOCTOU vulnerability in the way it handles symbolic links inside a container. An attacker who has compromised an existing container can cause arbitrary files on t...
Amazon Linux AMI : dbus (ALAS-2019-1246)
dbus as used in DBusServer, allows cookie spoofing because of symlink mishandling in the reference implementation of DBUSCOOKIESHA1 in the libdbus library. This only affects the DBUSCOOKIESHA1 authentication mechanism. A malicious client with write access to its own home directory could manipulat...
Amazon Linux 2 : curl (ALAS-2019-1233)
An integer overflow in curl's URL API results in a buffer overflow in libcurl. CVE-2019-5435 A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl. CVE-2019-5436 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
Amazon Linux 2 : thunderbird (ALAS-2019-1250)
libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 libical: Type confusion in icaltimezonegetvtimezoneproperties function in icalproperty.c CVE-2019-11706 Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 libical: Stack buffer overflow in icalrecuraddbydayrules...
Amazon Linux 2 : java-11-amazon-corretto (ALAS-2019-1246)
OpenJDK: Insufficient restriction of privileges in AccessController Security, 8216381 CVE-2019-2786 OpenJDK: Unbounded memory allocation during deserialization in Collections Utilities, 8213432 CVE-2019-2769 libpng: pngimagefree in png.c in libpng has a use-after-free because pngimagefreefunction...
Amazon Linux 2 : qemu (ALAS-2019-1248)
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
Amazon Linux 2 : kernel (ALAS-2019-1232)
An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostnet kernel thread,...
Amazon Linux 2 : ruby (ALAS-2019-1249)
An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. CVE-2019-8322 An issue was discovered in RubyGems 2.6 and later through...
Amazon Linux 2 : python3 (ALAS-2019-1247)
An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the path component of a URL that lacks a ? character followed b...
Amazon Linux 2 : python-jinja2 (ALAS-2019-1223)
In Pallets Jinja, str.format allows a sandbox escape. CVE-2016-10745 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux 2 Security Advisory ALAS-2019-1223. include'compat.inc'; if description scriptid126831; scriptversion"1.3";...
Important: ruby
Issue Overview: An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. CVE-2019-8322 An issue was discovered in RubyGems 2.6 and...
Critical: dnsmasq
Issue Overview: A memory exhaustion flaw was found in dnsmasq in the EDNS0 code. An attacker could send crafted DNS packets which would trigger memory allocations which would never be freed, leading to unbounded memory consumption and eventually a crash. This issue only affected configurations...
Low: curl
Issue Overview: An integer overflow in curl's URL API results in a buffer overflow in libcurl. CVE-2019-5435 A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl. CVE-2019-5436 Affected Packages: curl Note: This advisory is applicable to Amazon...
Critical: thunderbird
Issue Overview: libical: Heap buffer over read in icalparser.c parsergetnextchar CVE-2019-11703 libical: Type confusion in icaltimezonegetvtimezoneproperties function in icalproperty.c CVE-2019-11706 Mozilla: Sandbox escape using Prompt:Open CVE-2019-11708 libical: Stack buffer overflow in...