Medium: git

Issue Overview: A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the...

Medium: postgresql92, postgresql93, postgresql94

Issue Overview: Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values. CVE-2015-5289 The...

Medium: openvpn

Issue Overview: OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service server crash via a small control channel packet. Affected Packages: openvpn Issue Correction: Run yum update openvpn or yum update --advisory...

Medium: dovecot

Issue Overview: Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service resource consumption via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. Affected...

Important: nrpe

Issue Overview: DISPUTED Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/checknrpe. NOTE: this issue is disputed by multiple parties. It ha...

Important: nginx

Issue Overview: Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request. Affected Packages: nginx Issue Correction: Run yum update nginx or yum update --advisory ALAS-2014-30...

Medium: yum

Issue Overview: The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package. Affected Packages: yum Issue...

Medium: xinetd

Issue Overview: It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitra...

Medium: gnupg

Issue Overview: GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. Affected Packages: gnupg Issue Correction: Run yum update gnu...

Medium: nss

Issue Overview: A flaw was found in the way the ASN.1 Abstract Syntax Notation One decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a...

Low: python26

Issue Overview: A denial of service flaw was found in the implementation of associative arrays dictionaries in Python. An attacker able to supply a large number of inputs to a Python application such as HTTP POST request parameters sent to a web application that are used as keys when inserting da...

Medium: postgresql8

Issue Overview: A flaw was found in the way the crypt password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string w...

Medium: postgresql9

Issue Overview: The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain...

Medium: kernel

Issue Overview: The journalunmapbuffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the Delay and Unwritten buffer head states, which allows local users to cause a denial of service system crash by leveraging the presence of an ext4 filesystem that w...

Important: freetype

Issue Overview: Multiple input validation flaws were found in the way FreeType processed CID-keyed fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

Important: kernel

Issue Overview: kernel: Type confusion in picknextrtentity, which can result in memory corruption. CVE-2023-1077 An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the...

Important: git

Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...

Important: ghostscript

Issue Overview: Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ sectio...

Important: edk2

Issue Overview: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERALNAMEcmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to...

Important: ruby

Issue Overview: A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the built-in methods File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NULL byte. A remote attacker could exploit this flaw t...

Important: grub2

Issue Overview: An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap...

Medium: expat

Issue Overview: Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service. CVE-2022-25313...

Medium: php56-pecl-imagick

Issue Overview: ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. CVE-2017-1000476 The ReadXWDImage function in coders\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability th...

Medium: poppler

Issue Overview: In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service application crashes with SIGABRT by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomple...

Medium: amanda

Issue Overview: An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injecti...

Important: perl-HTTP-Tiny

Issue Overview: Warning has been added when HTTP::Tiny is used without verifyssl flag CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run yum update perl-HTTP-Tiny or yum update --advisory ALAS-2023-1771 to update your system. New Packages: noarch: ...

Important: squid

Issue Overview: An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. Th...

Important: libksba

Issue Overview: Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. CVE-2022-47629 Affected Packages: libksba Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Important: systemd

Issue Overview: systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched...

Low: vim

Issue Overview: Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. CVE-2023-1127 Affected Packages: vim Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run...

Important: sssd

Issue Overview: A vulnerability was found in SSSD, in the libssscertmap functionality. PKINIT enables a client to authenticate to the KDC using an X.509 certificate and the corresponding private key, rather than a passphrase or keytab. FreeIPA uses mapping rules to map a certificate presented...

Important: xorg-x11-server

Issue Overview: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X...

Critical: apr

Issue Overview: An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same...

Important: hsqldb

Issue Overview: Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code executio...

Important: expat

Issue Overview: A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some...

Low: 389-admin

Issue Overview: A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successf ully match during authentication. This flaw allows an attacker to successfully authenticate as a user whos...

Important: gzip, xz

Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

Important: thunderbird

Issue Overview: The Mozilla Foundation Security Advisory describes this flaw as: NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. CVE-2022-1097 The Mozilla...

Critical: samba

Issue Overview: A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. CVE-2016-2124 A flaw was found in the way Samba maps domain users to local users. ...

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2021-1555 to update your system. New Packages: src: ...

Important: cyrus-imapd

Issue Overview: A flaw was found in cyrus-imapd. A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets. A user may cause a CPU denial of service by maliciously directing many inputs to a single bucket. The highest threat from this...

Important: thunderbird

Issue Overview: OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The master password protection was inactive for those keys. Version 78.10.2 will restore the protection mechanism for newly imported keys...

Important: lasso

Issue Overview: An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from th...

Medium: nss

Issue Overview: A flaw was found in the way NSS handled CCS ChangeCipherSpec messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system...

Medium: spamassassin

Issue Overview: A flaw was found in spamassassin. Malicious rule configuration .cf files can be configured to run system commands without any output or errors allowing exploits to be injected in a number of scenarios. The highest threat from this vulnerability is to data confidentiality and...

Medium: glibc

Issue Overview: A flaw was found in glibc's iconv functionality. This flaw allows an attacker capable of supplying a crafted sequence of characters to an application using iconv to convert from ISO-2022-JP-3 to cause an assertion failure. The highest threat from this vulnerability is to system...

Important: thunderbird

Issue Overview: If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affec...

Medium: golang

Issue Overview: Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. CVE-2020-28362 Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. CVE-2020-28366 Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. CVE-2020-28367 Affected Packages: golang Note:...

Medium: e2fsprogs

Issue Overview: An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability...

Low: poppler

Issue Overview: A divide-by-zero error was found in the way Poppler handled certain PDF files. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by an application linked to Poppler, would crash the application causing a denial of service...