Medium: bind
Issue Overview: Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of access...
Medium: exiv2
Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 version v0.28.1. The vulnerable function, QuickTimeVideo::NikonTagsDecoder, was new in v0.28.0, so Exiv2 versions...
Medium: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...
Important: libgsf
Issue Overview: An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows fo...
Medium: libtiff
Issue Overview: Multiple potential integer overflows in raw2tiff.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image which triggers a heap-based buffer overflow. CVE-2023-41175 Affected...
Medium: python-pip
Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...
Important: amazon-cloudwatch-agent
Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...
Important: bind
Issue Overview: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This...
Medium: nerdctl
Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...
Medium: php8.1
Issue Overview: The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/138...
Medium: amazon-cloudwatch-agent
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
Important: flatpak
Issue Overview: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the --command argument of...
Medium: python-jwcrypto
Issue Overview: A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denia...
Medium: c-ares
Issue Overview: c-ares is a C library for asynchronous DNS requests. ares__read_line() is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files...
Medium: liblouis
Issue Overview: Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. CVE-2018-11577 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. CVE-2018-11684 Liblouis 3.5.0 has a stack-based Buffer Overflow in the function...
Important: ghostscript
Issue Overview: Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature). CVE-2020-36773 Affected Packages: ghostscri...
Medium: rust
Issue Overview: Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by cargo build --timings. A malicious package included as a dependency may inject...
Important: wireshark
Issue Overview: GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file CVE-2024-0208 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ...
Important: xorg-x11-server
Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode). If the pointer is warped from a screen 1 to a screen 0, a use-after-free...
Important: python-pillow
Issue Overview: The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary files, which...
Medium: gsl
Issue Overview: A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application...
Important: axis
Issue Overview: UNSUPPORTED WHEN ASSIGNED: When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted...
Medium: libtiff
Issue Overview: Multiple potential integer overflows in raw2tiff.c in libtiff <= 4.5.1 can allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image which triggers a heap-based buffer overflow. CVE-2023-41175 Affected...
Important: vim
Issue Overview: Use After Free in GitHub repository vim/vim prior to 9.0.1840. CVE-2023-4733 Use After Free in GitHub repository vim/vim prior to 9.0.1857. CVE-2023-4750 Use After Free in GitHub repository vim/vim prior to 9.0.1858. CVE-2023-4752 Affected Packages: vim Issue Correction: Run yum...
Medium: OpenEXR
Issue Overview: There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability. CVE-2021-3479 Affected...
Medium: transfig
Issue Overview: An out-of-bounds write flaw was found in transfig in the way the fig2dev program handled the processing of Fig format files. Specifically, the flaw affects the translation process of Fig codes into the box graphics language. This flaw allows for potential exploitation by crashing...
Medium: exiv2
Issue Overview: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted...
Medium: ghostscript
Issue Overview: A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. CVE-2023-38559 Affected Packages: ghostscript Note: This...
Low: python-configobj
Issue Overview: All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?\.\. Note: This is only exploitable in the case of a developer putting the offending value in a server-side configuration file. CVE-2023-26112...
Medium: transfig
Issue Overview: 2023-08-03: CVE-2021-32280 was added to this advisory. A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. CVE-2020-21682 An issue was discovered in fig2dev befo...
Medium: python-mako
Issue Overview: Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. CVE-2022-40023 Affected Packages: python-mako Note: This advisory is applicable to Amazon Linux 2 (AL2) Core...
Medium: flac
Issue Overview: An out-of-bounds write vulnerability was found in libFLAC. The vulnerability occurs due to a missing bounds check. This flaw allows a local attacker without additional execution privileges to cause local information disclosure. CVE-2021-0561 Affected Packages: flac Note: This...
Medium: qt5-qtbase
Issue Overview: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate. CVE-2023-34410 Affected Packages: qt5-qtbase Note: This advisor...
Medium: glib2
Issue Overview: PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...
Low: libtiff
Issue Overview: It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. CVE-2022-2521 Affected Packages: libtiff Note: This adviso...
Important: jettison
Issue Overview: An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. CVE-2023-1436 Affected Packages: jettison Note: This advisory is...
Important: thunderbird
Issue Overview: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. CVE-2023-32205 The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bound read could have led to...
Important: wireshark
Issue Overview: TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet injection or crafted capture file CVE-2023-0412 Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet...
Important: emacs
Issue Overview: org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. CVE-2023-28617 Affected Packages: emacs Note: This advisory is applicable to Amazon...
Important: ghostscript
Issue Overview: A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service...
Important: exim
Issue Overview: The STARTTLS feature in Exim through 4.94.2 allows response injection buffering during MTA SMTP sending. CVE-2021-38371 Affected Packages: exim Issue Correction: Run yum update exim or yum update --advisory ALAS-2023-1722 to update your system. New Packages: i686: ...
Important: thunderbird
Issue Overview: The Mozilla Foundation describes this issue as follows: Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. CVE-2023-25751 The Mozilla Foundation describes...
Medium: freeradius
Issue Overview: When an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...
Low: openjpeg2
Issue Overview: A flaw was found in the opj2_decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation...
Important: thunderbird
Issue Overview: A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Mozilla developers and the Mozilla Fuzzing Team reporting memory safety bugs in Firefox 102. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort...
Important: gzip
Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...
Important: xorg-x11-server
Issue Overview: A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the SProcRenderCompositeGlyphs function due to improper validation of the request length. CVE-2021-4008 A flaw was found in xorg-x11-server. An out-of-bounds access can occur in the...
Important: xorg-x11-server
Issue Overview: A flaw was found in xorg-x11-server. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-3472 Affected Packages:...
Important: ImageMagick
Issue Overview: A flaw was found in ImageMagick. The -authenticate option is mishandled allowing user-controlled password set for a PDF file to possibly inject additional shell commands via coders/pdf.c. The highest threat from this vulnerability is to data confidentiality and integrity as well a...
Low: hunspell
Issue Overview: Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. CVE-2019-16707 Affected Packages: hunspell Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...