8699 matches found
Important: iperf3
Issue Overview: iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. CVE-2023-38403 Affected Packages: iperf3 Issue Correction: Run dnf update iperf3 --releasever 2023.1.20230809 or dnf update --advisory ALAS2023-2023-274 --releasever...
Medium: microcode_ctl
Issue Overview: A Gather Data Sampling GDS transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction load from memory to infer stale data from previously used vector registers on the same physical...
Medium: bouncycastle
Issue Overview: A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious...
Important: redis6
Issue Overview: A heap-based buffer overflow flaw was found in Redis. This flaw allows an attacker to trick an authenticated user into executing a specially crafted Lua script in Redis. This attack triggers a heap overflow in the cjson and cmsgpack libraries, resulting in heap corruption and...
Important: ca-certificates
Issue Overview: An initial fix in Amazon Linux ca-certificates package relating to CVE-2022-23491 did not properly remove root certificates from TrustCor from the root store. CVE-2023-32803 Affected Packages: ca-certificates Issue Correction: Run dnf update ca-certificates --releasever...
Medium: yajl
Issue Overview: There's a memory leak in yajl 2.1.0 with use of yajltreeparse function. which will cause out-of-memory in server and cause crash. CVE-2023-33460 Affected Packages: yajl Issue Correction: Run dnf update yajl --releasever 2023.1.20230809 or dnf update --advisory ALAS2023-2023-279...
Important: nghttp2
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RSTSTREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to...
Medium: python-mako
Issue Overview: Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. CVE-2022-40023 Affected Packages: python-mako Issue Correction: Run dnf update python-mako --releasever...
Medium: wireshark
Issue Overview: Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file CVE-2023-3648 iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file...
Important: openssh
Issue Overview: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into...
Important: nodejs
Issue Overview: Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range. CVE-2022-25883 Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2...
Medium: yasm
Issue Overview: Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. CVE-2023-37732 Affected Packages: yasm Issue Correction: Run dnf update yasm --releasever 2023.1.20230809 or d...
Important: golang
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Medium: avahi
Issue Overview: A reachable assertion was found in avahidnspacketappendrecord. CVE-2023-38469 A reachable assertion was found in avahiescapelabel. CVE-2023-38470 A reachable assertion was found in dbussethostname. CVE-2023-38471 Affected Packages: avahi Issue Correction: Run dnf update avahi...
Medium: avahi
Issue Overview: A reachable assertion was found in avahidnspacketappendrecord. CVE-2023-38469 A reachable assertion was found in avahiescapelabel. CVE-2023-38470 A reachable assertion was found in dbussethostname. CVE-2023-38471 Affected Packages: avahi Issue Correction: Run yum update avahi or y...
Important: nghttp2
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RSTSTREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to...
Important: java-1.8.0-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...
Important: GraphicsMagick
Issue Overview: In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. CVE-2022-1270 Affected Packages: GraphicsMagick Issue Correction: Run yum update GraphicsMagick or yum update --advisory ALAS-2023-1799 to update your system. New Packages: i686: ...
Medium: openssh
Issue Overview: An issue was discovered in OpenSSH 7.4 on Amazon Linux 2 and Amazon Linux 1. The fix for CVE-2019-6111 only covered cases where an absolute path is passed to scp. When a relative path is used there is no verification that the name of a file received by the client matches the file...
Medium: cups
Issue Overview: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service DoS attack. A buffer overflow vulnerability in the function formatlogline could allow remote attackers...
Medium: ImageMagick
Issue Overview: A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash,...
Important: ca-certificates
Issue Overview: An initial fix in Amazon Linux ca-certificates package relating to CVE-2022-23491 did not properly remove root certificates from TrustCor from the root store. CVE-2023-32803 Affected Packages: ca-certificates Issue Correction: Run yum update ca-certificates or yum update --advisor...
Important: kernel
Issue Overview: A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter...
Important: python-ecdsa
Issue Overview: An error-handling flaw was found in python-ecdsa before version 0.13.3. During signature decoding, malformed DER signatures could raise unexpected exceptions or no exceptions at all, which could lead to a denial of service. CVE-2019-14853 A flaw was found in all python-ecdsa...
Medium: java-1.8.0-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1...
Medium: microcode_ctl
Issue Overview: Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-40982 Improper access control in som...
Important: cni-plugins
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: cni-plugins Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction:...
Important: runc
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Important: golang
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Important: webkitgtk4
Issue Overview: A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution. CVE-2023-37450 Affected Packages: webkitgtk4 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...
Medium: python-setuptools
Issue Overview: Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Affected Packages:...
Important: cri-tools
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send...
Medium: qemu
Issue Overview: There is a vulnerability in the lsi53c895a device which affects the latest version of qemu. The carefully designed PoC can repeatedly trigger DMA writes but does not limit the addresses written to the DMA, resulting in reentrancy issues and eventually overflow. CVE-2023-0330...
Important: kernel
Issue Overview: An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. CVE-2023-20593 An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local...
Medium: linux-firmware
Issue Overview: An issue in "Zen 2" CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. CVE-2023-20593 Affected Packages: linux-firmware Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...
Important: nghttp2
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RSTSTREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to...
Important: openssh
Issue Overview: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into...
Medium: tomcat
Issue Overview: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be...
Important: containerd
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct...
Important: runc
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Important: golist
Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...
Low: python-configobj
Issue Overview: All versions of the package configobj are vulnerable to Regular Expression Denial of Service ReDoS via the validate function, using .+?\.\. Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file. CVE-2023-26112...
Medium: avahi
Issue Overview: A reachable assertion was found in avahidnspacketappendrecord. CVE-2023-38469 A reachable assertion was found in avahiescapelabel. CVE-2023-38470 A reachable assertion was found in dbussethostname. CVE-2023-38471 Affected Packages: avahi Note: This advisory is applicable to Amazon...
Medium: java-1.8.0-openjdk
Issue Overview: Vulnerability in Oracle Java SE component: JavaFX. The supported version that is affected is Oracle Java SE: 8u371. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of thi...
Medium: ImageMagick
Issue Overview: A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file, triggering an out-of-bounds read error and allowing an application to crash,...
Medium: ruby
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could...
Important: kernel
Issue Overview: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure. CVE-2023-20569 A use-after-free...
Important: nerdctl
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send...
Important: kernel
Issue Overview: An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfssetea in fs/ntfs3/xattr.c. CVE-2022-48502 A side channel vulnerability on some of the AMD CPUs may allow a...
Medium: wireshark
Issue Overview: VMS TCPIPtrace file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file CVE-2023-2856 XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted...