Medium: krb5

Issue Overview: It was found that if a KDC served multiple realms, certain requests could cause the setupserverrealm function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. CVE-2013-1418, CVE-2013-6800 A NU...

Medium: libxcb

Issue Overview: Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the readpacket function. Affected Packages: libxcb Issue Correction: Run yum update libxcb or yum update --advisory...

Important: 389-ds-base

Issue Overview: It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager...

Low: numpy

Issue Overview: f2py insecurely uses a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py. Affected Packages: numpy Issue Correction: Run yum update numpy or yum update --advisory ALAS-2014-302 to...

Medium: python27

Issue Overview: Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. Affected Packages: python27 Issue Correction: Run yum update...

Medium: quagga

Issue Overview: The bgpattrunknown function in bgpattr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote attackers to cause a denial of service bgpd crash via a crafted BGP update. Affected Packages: quagga Issue Correction: Run yum update quagga or yum upda...

Important: 389-ds-base

Issue Overview: It was discovered that the 389 Directory Server did not properly handle certain Get Effective Rights GER search queries when the attribute list, which is a part of the query, included several names using the '@' character. An attacker able to submit search queries to the 389...

Important: openswan

Issue Overview: A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled "oe=yes" in "/etc/ipsec.conf" and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records such as by...

Medium: t1lib

Issue Overview: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics AFM files. If a specially-crafted font file was opened by an application linked against t1lib, it could cause the application to crash or, potentially, execute arbitrary code with the...

Medium: xorg-x11-server

Issue Overview: Multiple input sanitization flaws were found in the X.Org GLX OpenGL extension to the X Window System extension. A malicious, authorized client could use these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. CVE-2010-4818 An input...

Important: cyrus-imapd

Issue Overview: The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or,...

Important: rsync

Issue Overview: Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming CVE-2024-12088 Placeholder CVE. Details forthcoming CVE-2024-12747 Affected Packages:...

Medium: python

Issue Overview: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which...

Medium: webkitgtk4

Issue Overview: An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 10.4, tvOS 17.4. A maliciously crafted webpage may be able to fingerprint the user. CVE-2024-23280 The issue was addressed with...

Important: glib2

Issue Overview: GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a...

Important: ghostscript

Issue Overview: An issue was discovered in the function gdevprnopenprinterseekable in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. CVE-2023-46751 Affected Packages: ghostscript Note: This advisory is applicable to Amazon Linux 2 AL2...

Important: xorg-x11-server

Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...

Medium: ghostscript

Issue Overview: A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. CVE-2020-16294 Affected Packages: ghostscript Issue Correction: Run yu...

Medium: mutt

Issue Overview: A flaw was found in mutt. When reading unencoded messages, mutt uses the line length from the untrusted input without any validation. This flaw allows an attacker to craft a malicious message, which leads to an out-of-bounds read, causing data leaks that include fragments of other...

Important: apache-ivy

Issue Overview: Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own...

Medium: bluez

Issue Overview: An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVCATTRREQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting in...

Medium: libX11

Issue Overview: libX11: out-of-bounds memory access in XkbReadKeySyms CVE-2023-43785 libX11: integer overflow in XCreateImage leading to a heap overflow. CVE-2023-43787 Affected Packages: libX11 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for th...

Medium: ImageMagick

Issue Overview: A vulnerability was found in ImageMagick. This issue occurs as an undefined behavior, casting double to sizet in svg, mvg and other coders. CVE-2023-34151 Affected Packages: ImageMagick Issue Correction: Run yum update ImageMagick or yum update --advisory ALAS-2023-1844 to update...

Medium: amanda

Issue Overview: An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injecti...

Important: monit

Issue Overview: An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization. CVE-2022-26563 Affected Packages: monit Issue Correction: Run yum update monit or yum update --advisory ALAS-2023-1805 to update your...

Medium: kernel

Issue Overview: A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-34319 A...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1...

Medium: python-pygments

Issue Overview: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a...

Low: qemu

Issue Overview: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw...

Medium: keepalived

Issue Overview: A flaw was found in keepalived, where an improper authentication vulnerability allows an unprivileged user to change properties that could lead to an access-control bypass. CVE-2021-44225 Affected Packages: keepalived Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: thunderbird

Issue Overview: An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13. CVE-2023-37201 Cross-compartment wrappers wrapping a scripted proxy could have caused objec...

Medium: xmlrpc

Issue Overview: XML external entity XXE vulnerability in the Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery SSRF attacks via a crafted DTD. CVE-2016-5002 Affected Packages: xmlrpc Note: This advisory is...

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the differen...

Medium: poppler

Issue Overview: A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service DoS via a crafted PDF file. CVE-2022-27337 Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in...

Important: squid

Issue Overview: An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restrict...

Medium: ImageMagick

Issue Overview: A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulti...

Medium: golang

Issue Overview: Calling any of the Parse functions on Go source code which contains //line directives with very large line numbers can cause an infinite loop due to integer overflow. CVE-2023-24537 Affected Packages: golang Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Important: sssd

Issue Overview: A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access...

Medium: gstreamer-plugins-good

Issue Overview: GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. CVE-2021-3497 Affected Packages: gstreamer-plugins-good Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...

Medium: apr-util

Issue Overview: 2023-05-23: The severity level was changed from Critical to Medium. Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime...

Medium: sysstat

Issue Overview: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures function insufficiently checks bounds before...

Medium: postgresql92

Issue Overview: When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and...

Important: vim

Issue Overview: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. CVE-2022-3520 Use After Free in GitHub repository vim/vim prior to 9.0.0789. CVE-2022-3591 A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qfupdatebuff...

Medium: util-linux

Issue Overview: A flaw was found in the Linux kernel's util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error...

Medium: mutt

Issue Overview: Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. CVE-2020-14093 Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. CVE-2020-14154 Mu...

Important: expat

Issue Overview: In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2022-1655...

Medium: pcre2

Issue Overview: An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not full...

Critical: cacti

Issue Overview: Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. CVE-2022-0730 Affected Packages: cacti Issue Correction: Run yum update cacti or yum update --advisory ALAS-2022-1634 to update your system. New Packages: noarch: ...

Medium: gnupg2

Issue Overview: A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the writestatustextandbuffer function in g10/cpr.c. This flaw allows a malicious actor to bypass access control. CVE-2022-34903 Affected Packages: gnupg2 Issue Correction: Run yum update gnupg...

Important: clamav

Issue Overview: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus ClamAV versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions...