Important: squid

Issue Overview: Due to chunked decoder lenience Squid is vulnerable to Request/Response smuggling attacks when parsing HTTP/1.1 and ICAP messages. CVE-2023-46846 Affected Packages: squid Issue Correction: Run yum update squid or yum update --advisory ALAS-2024-1933 to update your system. New...

Important: less

Issue Overview: closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Affected Packages: less Issue Correction: Run yum update less or yum update --advisory ALAS-2024-1924 to update your system. New Packages: i686: less-436-13.13.amzn1.i686 ...

Important: thunderbird

Issue Overview: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. CVE-2024-1546 Through a series of API calls and...

Medium: openssh

Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...

Medium: expat

Issue Overview: Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2023-1882 to update your system. New Packages: i686: expat-devel-2.1.0-15.34.amzn1.i686...

Medium: opensc

Issue Overview: Potential PIN bypass. When the token/card was plugged into the computer and authenticated from one process, it could be used to provide cryptographic operations from different process when the empty, zero-length PIN and the token can track the login status using some of its...

Important: apache-ivy

Issue Overview: Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own...

Low: shadow-utils

Issue Overview: A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve t...

Medium: qt5-qtsvg

Issue Overview: Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions 5.15.1, 6.0.0, 6.0.2, and 6.2, allows local attackers to cause a denial of service DoS. CVE-2021-28025 A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in...

Important: webkitgtk4

Issue Overview: A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution. CVE-2023-37450 Affected Packages: webkitgtk4 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Important: kernel

Issue Overview: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash o...

Medium: python-requests

Issue Overview: A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This is a product of how rebuildproxies is used to recompute and reattach the...

Important: bind

Issue Overview: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

Medium: openssl11

Issue Overview: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may...

Medium: git

Issue Overview: Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled...

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

Important: squid

Issue Overview: An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restrict...

Medium: glib2

Issue Overview: A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition. CVE-2021-3800 Affected Packages: glib2 Note: This advisory is applicable to Amazon Linux 2 AL2...

Important: openldap

Issue Overview: An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered...

Important: vim

Issue Overview: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. CVE-2023-0288 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. CVE-2023-0433 Divide By Zero in GitHub repository vim/vim prior to 9.0.1247. CVE-2023-0512 Divide By Zero in GitHub...

Medium: git

Issue Overview: Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git...

Important: libXpm

Issue Overview: A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. CVE-2022-44617 A flaw was found ...

Critical: nspr

Issue Overview: NSS Network Security Services up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS 7, or PKCS 12 are likely to be impacted. Applications using...

Important: git

Issue Overview: Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be set for path...

Important: krb5

Issue Overview: Integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Affected Packages: krb5 Issue Correction: Run yum update krb5 or yum update --advisory ALAS-2023-1680 to update your system. New Packages: i686: krb5-pkinit-openssl-1.15.1-55.51.amzn1.i686 ...

Important: emacs

Issue Overview: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggest...

Medium: postgresql93

Issue Overview: When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and...

Medium: vim

Issue Overview: The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free, etc. Since heap errors might include buffer overflows...

Important: libtiff

Issue Overview: A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of...

Important: thunderbird

Issue Overview: Integer overflow vulnerability in avtimecodemakestring in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service DoS via crafted .mov file. CVE-2021-28429 When receiving an HTML email that contained an iframe element, which used a srcdoc...

Important: golang-github-syndtr-gocapability

Issue Overview: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling,...

Important: aide

Issue Overview: A heap-based buffer overflow vulnerability in the base64 functions of AIDE, an advanced intrusion detection system. An attacker could crash the program and possibly execute arbitrary code through large 16k extended file attributes or ACL. CVE-2021-45417 Affected Packages: aide Not...

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

Medium: microcode_ctl

Issue Overview: Sensitive information accessible by physical probing of JTAG interface for some IntelR Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. CVE-2022-0005 A flaw was found in hw. The APIC can operate in xAPIC mode also...

Medium: krb5

Issue Overview: A flaw was found in krb5. The Key Distribution Center KDC in MIT Kerberos 5 has a NULL pointer dereference via a FAST inner body that lacks a server field. An authenticated attacker could use this flaw to crash the Kerberos KDC server. The highest threat from this vulnerability is...

Medium: containerd

Issue Overview: A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended...

Important: dhcp

Issue Overview: A flaw was found in the Dynamic Host Configuration Protocol DHCP. There is a discrepancy between the code that handles encapsulated option information in leases transmitted "on the wire" and the code which reads and parses lease information after it has been written to disk storag...

Important: squid

Issue Overview: A flaw was found in squid. Due to improper validation while parsing the request URI, squid is vulnerable to HTTP request smuggling. This issue could allow a trusted client to perform an HTTP request smuggling attack and access services otherwise forbidden by squid. The highest...

Important: xterm

Issue Overview: A flaw was found in xterm. A specially crafted sequence of combining characters causes an out of bounds write leading to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-27135 Affected...

Important: net-snmp

Issue Overview: A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as syst...

Medium: libxslt

Issue Overview: libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. CVE-2019-110...

Medium: libvpx

Issue Overview: A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2,...

Low: libmspack

Issue Overview: libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile libmspack/mspack/chmd.c. The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after...

Low: libwmf

Issue Overview: No CVE associated with this advisory Affected Packages: libwmf Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update libwmf or yum update...

Low: libpng

Issue Overview: libpng before 1.6.32 does not properly check the length of chunks against the user limit. CVE-2017-12652 Affected Packages: libpng Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Medium: lynis

Issue Overview: In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing the license key, it may be...

Low: gettext

Issue Overview: An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read-catalog.c, related to an invalid free in pogramparse in po-gram-gen.y, as demonstrated by lt-msgfmt. CVE-2018-18751 Affected Packages: gettext Note: This advisory is applicable to...

Important: thunderbird

Issue Overview: Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

Important: telnet

Issue Overview: utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. CVE-2020-10188 Affected Packages: telnet Note: This advisory is...

Important: thunderbird

Issue Overview: When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird 68.5. CVE-2020-6792 When processing an email message with an ill-formed envelope, Thunderbird could read data from a random...