Medium: freetype

Issue Overview: A segmentation fault was found in FreeType's FTRequestSize function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash, leading to a denial of service. CVE-2022-27406 Affected Packages: freetype...

Medium: tar

Issue Overview: paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. CVE-2019-9923 Affected Packages: tar Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ sectio...

Important: gd

Issue Overview: DISPUTED gdImageGd2Ptr in gdgd2.c in the GD Graphics Library aka LibGD through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary image format of libgd. It has to be regarded as being obsolete, and should only be used for development and...

Important: nasm

Issue Overview: NASM v2.16 was discovered to contain a heap buffer overflow in the component quoteforpmake asm/nasm.c:856 CVE-2022-44370 Affected Packages: nasm Issue Correction: Run yum update nasm or yum update --advisory ALAS-2023-1737 to update your system. New Packages: i686: ...

Medium: audiofile

Issue Overview: In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn...

Critical: php54-pecl-memcached

Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. CVE-2022-26635 Affected Packages: php54-pecl-memcached Issue Correction: Run yum update php54-pecl-memcached or yum update --advisory ALAS-2023-1670 to update you...

Important: xorg-x11-server

Issue Overview: A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper validation of the request length. CVE-2022-2319 A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of...

Important: linuxptp

Issue Overview: A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to da...

Medium: libX11

Issue Overview: A flaw was found in libX11. An integer overflow leading to a heap-buffer overflow occurs when setuid programs call XIM client functions while running with elevated privileges. The highest threat from this vulnerability are to data confidentiality and integrity as well as system...

Low: lldpad

Issue Overview: lldptool can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. This may allow an attacker to inject shell control characters into the buffer and impact the behavior of the terminal. CVE-2018-10932 Affected Packages: lldpad Note: This adviso...

Medium: mod24_auth_openidc

Issue Overview: An open redirect flaw was discovered in modauthopenidc, where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with leading slashes to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web sit...

Low: pcp

Issue Overview: A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Modul...

Medium: dnsmasq

Issue Overview: A flaw was found in the default configuration of dnsmasq, as shipped with Fedora and Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option local-service is not enabled. Running dnsmasq ...

Important: ipa

Issue Overview: A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function berscanf was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who...

Medium: udisks2

Issue Overview: UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a denial of service memory corruption, or possibly have unspecified other impact via a malformed filesystem label, as demonstrat...

Medium: sssd

Issue Overview: A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.CVE-2018-16838 A vulnerability was found in sss...

Important: mod_auth_mellon

Issue Overview: A vulnerability was found in a previous version of modauthmellon. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them ...

Medium: tigervnc

Issue Overview: Buffer overflow in ModifiablePixelBuffer::fillRect A buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer. A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service. CVE-2017-5581 VNC server c...

Medium: munin

Issue Overview: Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user. CVE-2017-6188 Affected Packages: munin Issue Correction: Run yum update munin or yum updat...

Medium: libyaml

Issue Overview: An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. CVE-2014-9130 Affected Packages: libyaml Issue Correction: Run yum...

Medium: jbigkit

Issue Overview: Stack-based buffer overflow in the jbgdecin function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted image file. Affected Packages: jbigkit Issue Correction: Run yum...

Low: openvpn

Issue Overview: The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the C...

Low: perl-YAML-LibYAML

Issue Overview: Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML aka YAML-LibYAML and perl-YAML-LibYAML module 0.38 for Perl allow remote attackers to cause a denial of service process crash via format string specifiers in a 1 YAML stream to the Loa...

Important: tomcat

Issue Overview: When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpect...

Medium: python-pillow

Issue Overview: Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file. CVE-2016-0740 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: amazon-cloudwatch-agent

Issue Overview: Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a...

Medium: python

Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...

Important: python3-jinja2

Issue Overview: Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

Medium: xerces-j2

Issue Overview: Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service CPU consumption via a crafted message to an XML service, which triggers hash table collisions. CVE-2012-0881 There's a vulnerability within the Apache Xerces Java XercesJ XML parser when...

Medium: python-dns

Issue Overview: eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred...

Medium: amazon-ssm-agent

Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...

Important: golang

Issue Overview: Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a...

Important: thunderbird

Issue Overview: Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 1...

Important: thunderbird

Issue Overview: An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox 128, Firefox ESR 115.13, Thunderbird 115.13, and Thunderbird 128...

Low: ca-certificates

Issue Overview: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from GLOBALTRUST. Certifi 2024.07.04 removes ro...

Important: tigervnc

Issue Overview: A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X...

Medium: fontforge

Issue Overview: Splinefont in FontForge through 20230101 allows command injection via crafted filenames. CVE-2024-25081 Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files. CVE-2024-25082 Affected Packages: fontforge Note: This advisory is...

Medium: unbound

Issue Overview: NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation...

Low: ImageMagick

Issue Overview: No CVE associated with this advisory Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update ImageMagick or yum...

Medium: qt5-qtbase

Issue Overview: QT-based clients may mismatch HSTS headers Strict-Transport-Security, which would prevent the client from switching to a secure HTTPS connection as requested by a server. CVE-2023-32762 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Medium: linux-firmware

Issue Overview: An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. CVE-2023-20593 Affected Packages: linux-firmware Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

Medium: ImageMagick

Issue Overview: A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash,...

Important: apache-ivy

Issue Overview: When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or version. If said coordinates contain "../" sequences - which ar...

Medium: SDL2

Issue Overview: A memory leak issue was discovered in SDL2 version = SDL2-2.0.8. CVE-2022-4743 Affected Packages: SDL2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: R...

Medium: libmicrohttpd

Issue Overview: GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0'...

Medium: python3-tornado

Issue Overview: Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. CVE-2023-28370 Affected Packages: python3-tornado Not...

Important: gstreamer-plugins-good

Issue Overview: Integer overflow leading to heap overwrite in FLAC image tag handling CVE-2023-37327 Affected Packages: gstreamer-plugins-good Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Medium: fribidi

Issue Overview: A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service. CVE-2022-25308 A segmentation fault SEGV flaw was found in t...

Important: gstreamer-plugins-base

Issue Overview: Integer overflow leading to heap overwrite in FLAC image tag handling CVE-2023-37327 Affected Packages: gstreamer-plugins-base Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

Medium: cups

Issue Overview: A vulnerability was found in CUPS. This issue occurs due to logging data of free memory to the logging service AFTER the connection has been closed, when it should have logged the data immediately before the connection closed, resulting in a use-after-free in cupsdAcceptClient in...