Important: golang

Issue Overview: Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. CVE-2019-17596 Affected Packages:...

Important: glib2

Issue Overview: GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a...

Important: postfix

Issue Overview: Postfix through 3.8.4 allows SMTP smuggling unless configured with smtpddatarestrictions=rejectunauthpipelining and smtpddiscardehlokeywords=chunking or certain other options that exist in recent versions. Remote attackers can use a published exploitation technique to inject e-mai...

Important: libtiff

Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: libtiff Issue Correction: Run yum update libtiff or yu...

Important: xorg-x11-server

Issue Overview: A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is...

Medium: zbar

Issue Overview: A heap-based buffer overflow exists in the qrreadermatchcenters function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare...

Low: nmap

Issue Overview: Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service. CVE-2018-15173 Affected Packages: nmap Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: java-1.8.0-openjdk

Issue Overview: An issue was discovered in function ciMethodBlocks::makeblockat in Oracle JDK HotSpot VM 11, 17 and OpenJDK HotSpot VM 8, 11, 17, allows attackers to cause a denial of service. CVE-2022-40433 Affected Packages: java-1.8.0-openjdk Issue Correction: Run yum update java-1.8.0-openjdk...

Medium: ImageMagick

Issue Overview: A vulnerability was found in ImageMagick where heap use-after-free was found in coders/bmp.c. CVE-2023-5341 Affected Packages: ImageMagick Issue Correction: Run yum update ImageMagick or yum update --advisory ALAS-2023-1856 to update your system. New Packages: i686: ...

Medium: grilo

Issue Overview: In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. CVE-2021-39365 Affected Packages: grilo Note: This advisor...

Medium: thunderbird

Issue Overview: VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. CVE-2023-44488 Affected Packages: thunderbird Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Medium: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS e.g. abort due to WINPRASSERT with default compilation flags. When an insufficient blockLen is provided, and...

Medium: elfutils

Issue Overview: The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write CWE-787, off-by-one error CWE-193 and reachable assertion CWE-617; to exploit the vulnerabilit...

Important: thunderbird

Issue Overview: Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file...

Medium: poppler

Issue Overview: Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. CVE-2020-18839 Affected Packages: poppler Issue Correction: Run yum update poppler or yum update --advisory ALAS-2023-1823 to update your system. New Packages: i68...

Medium: ImageMagick

Issue Overview: An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c. CVE-2021-40211 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference betwe...

Important: nghttp2

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RSTSTREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to...

Medium: libicu60

Issue Overview: International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. CVE-2020-21913 Affected Packages: libicu60 Note: This advisory is applicable to Amazon Linux 2 AL2...

Medium: avahi

Issue Overview: avahi-daemon denial of service can be caused by unprivileged users via DBus CVE-2023-1981 Affected Packages: avahi Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

Medium: libX11

Issue Overview: A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array...

Medium: compat-libtiff3

Issue Overview: A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires permissions like /dev/null while specifying zones. CVE-2023-3316 Affected Packages: compat-libtiff3 Note: This advisory is applicable to Amazon Linux 2 A...

Medium: protobuf-c

Issue Overview: protobuf-c before 1.4.1 has an unsigned integer overflow in parserequiredmember. CVE-2022-48468 Affected Packages: protobuf-c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Medium: tar

Issue Overview: paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. CVE-2019-9923 Affected Packages: tar Issue Correction: Run yum update tar or yum update --advisory ALAS-2023-1755 to update your...

Medium: jdom

Issue Overview: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Affected Packages: jdom Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

Important: microcode_ctl

Issue Overview: Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. CVE-2022-21216 Incorrect default permissions in some...

Important: tar

Issue Overview: GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximate...

Important: hsqldb

Issue Overview: Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code executio...

Important: xz

Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

Important: slapi-nis

Issue Overview: A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability. CVE-2021-3480 Affected Packages:...

Medium: targetcli

Issue Overview: An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup...

Low: libosinfo

Issue Overview: A flaw was found in libosinfo, version 1.5.0, where the script for automated guest installations, 'osinfo-install-script', accepts user and admin passwords via command line arguments. This could allow guest passwords to leak to other system users via a process listing...

Medium: openwsman

Issue Overview: Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in processconnection when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to...

Medium: python-httplib2

Issue Overview: In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string...

Low: taglib

Issue Overview: The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted audio file. CVE-2018-11439 Affected Packages: taglib Note: This advisory is applicable to Amazon Linux 2...

Medium: net-snmp

Issue Overview: snmpoidcompare in snmplib/snmpapi.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. CVE-2018-18066 Affected Packages: net-snmp...

Medium: libidn2

Issue Overview: heap-based buffer overflow in idn2toascii4i in lib/lookup.c idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.CVE-2019-18224 Affected Packages: libidn2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Medium: procps-ng

Issue Overview: If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory without any security check. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by...

Low: exempi

Issue Overview: An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file.CVE-2017-18233 An issue was discovered in Exempi...

Low: libwpd

Issue Overview: In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h.CVE-2018-19208 Affected Packages: libwpd Note: This advisory is applicable to...

Medium: bind

Issue Overview: Crash from assertion error when debug log level is 10 and log entries meet buffer boundary. This flaw appears to be exploitable only when debug logging is enabled and set to at least a level of 10. As this configuration should be rare in production instances of bind, it is unlikel...

Low: libcdio

Issue Overview: A heap corruption bug was found in the way libcdio handled processing of ISO files. An attacker could potentially use this flaw to crash applications using libcdio by tricking them into processing crafted ISO files, thus resulting in local DoS.CVE-2017-18198 A double-free flaw was...

Medium: kernel

Issue Overview: The fs/ext4/inline.c:ext4readinlinedata function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memor...

Important: 389-ds-base

Issue Overview: Remote DoS via search filters in slapifiltersprintf in slapd/util.c A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted...

Medium: lynis

Issue Overview: Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. CVE-2017-8108 Affected Packages: lynis Issue Correction: Run yum update lynis or yum update --advisory ALAS-2017-847 to updat...

Medium: git

Issue Overview: Escape out of git-shell A flaw was found in the way git-shell handled command-line options for the restricted set of git-shell commands. A remote authenticated attacker could use this flaw to bypass git-shell restrictions, to view and manipulate files, by abusing the instance of t...

Medium: t1utils

Issue Overview: A buffer overflow flaw was found in the way t1utils processed, for example, certain PFB Printer Font Binary files. An attacker could use this flaw to potentially execute arbitrary code by tricking a user into processing a specially crafted PFB file with t1utils. Affected Packages:...

Important: procmail

Issue Overview: A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail...

Important: mutt

Issue Overview: A heap-based buffer overflow flaw was found in the way mutt processed certain email headers. A remote attacker could use this flaw to send an email with specially crafted headers that, when processed, could cause mutt to crash or, potentially, execute arbitrary code with the...

Medium: python

Issue Overview: An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to "quoted-overlap" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed...

Important: libxml2

Issue Overview: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML...