Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load. CVE-2021-28675 Affected Packages: python-pillow Note:...

Medium: nodejs

Issue Overview: In some cases Node.js did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service...

Medium: yajl

Issue Overview: yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. The reallocation logic at yajlbuf.cL64 may result in...

Medium: dbus

Issue Overview: D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the...

Medium: libtiff

Issue Overview: LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. CVE-2022-4645 LibTIFF 4.4.0 has an out-of-bound...

Medium: mod24_security

Issue Overview: In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity C language codebase. CVE-2022-48279...

Medium: qt5-qtsvg

Issue Overview: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled. CVE-2023-32573 Affected Packages: qt5-qtsvg Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FA...

Important: perl

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl Issue Correction: Run dnf update perl --releasever 2023.1.20230628 o...

Medium: opensmtpd

Issue Overview: asciiloadsockaddr in smtpd in OpenBSD before 7.1 errata 024 and 7.2 before errata 020, and OpenSMTPD Portable through 7.0.0-portable, can abort upon a connection from a local, scoped IPv6 address. CVE-2023-29323 Affected Packages: opensmtpd Issue Correction: Run dnf update opensmt...

Important: perl-HTTP-Tiny

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run dnf update perl-HTTP-Tiny --releasev...

Low: screen

Issue Overview: socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. CVE-2023-24626 Affected...

Medium: qpdf

Issue Overview: QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PDF file. CVE-2022-34503 Affected Packages: qpdf Note: This advisory is applicable to Amazon...

Medium: glib2

Issue Overview: Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular...

Low: runc

Issue Overview: No CVE associated with this advisory Affected Packages: runc Issue Correction: Run dnf update runc --releasever 2023.1.20230628 or dnf update --advisory ALAS2023-2023-231 --releasever 2023.1.20230628 to update your system. More information on how to update your system can be found...

Medium: openldap

Issue Overview: A vulnerability was found in openldap that can cause a null pointer dereference in the bermemallocx function. CVE-2023-2953 Affected Packages: openldap Issue Correction: Run dnf update openldap --releasever 2023.1.20230628 or dnf update --advisory ALAS2023-2023-219 --releasever...

Medium: binutils

Issue Overview: Potential heap based buffer overflow found in bfdelfslurpversiontables in bfd/elf.c. CVE-2023-1972 Affected Packages: binutils Issue Correction: Run dnf update binutils --releasever 2023.1.20230628 or dnf update --advisory ALAS2023-2023-229 --releasever 2023.1.20230628 to update...

Medium: openldap

Issue Overview: A vulnerability was found in openldap that can cause a null pointer dereference in the bermemallocx function. CVE-2023-2953 Affected Packages: openldap Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Co...

Important: perl-HTTP-Tiny

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Note: This advisory is applicable to Amazon Linux 2 AL2 Co...

Medium: qpdf

Issue Overview: QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails. CVE-2021-36978 Affected Packages: qpdf Note: This advisory is applicable to Amazon Lin...

Important: perl-Pod-Perldoc

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-Pod-Perldoc Issue Correction: Run dnf update perl-Pod-Perldoc...

Important: cups-filters

Issue Overview: A vulnerability was found in cups-filters. This security flaw occurs if you use beh to create an accessible network printer, possibly resulting in remote code execution. CVE-2023-24805 Affected Packages: cups-filters Issue Correction: Run dnf update cups-filters --releasever...

Medium: qt

Issue Overview: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate. CVE-2023-34410 Affected Packages: qt Note: This advisory is...

Medium: flac

Issue Overview: An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a local attacker without additional execution privileges to cause local information disclosure. CVE-2021-0561 Affected Packages: flac Note: This...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap CVE-2022-50240 In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap CVE-2022-50338 A flaw was found ...

Important: squid

Issue Overview: An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker...

Medium: glib2

Issue Overview: The upstream bug report describes this issue as follows: A vulnerability was found in GLib2.0, where DoS caused by handling a malicious text-form variant which is structured to cause looping superlinear to its text size. Applications are at risk if they parse untrusted text-form...

Important: perl-Pod-Perldoc

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-Pod-Perldoc Note: This advisory is applicable to Amazon Linux 2 AL2...

Medium: openssl

Issue Overview: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may...

Medium: glib2

Issue Overview: PCRE before 8.38 mishandles the : and \ substrings in character classes, which allows remote attackers to cause a denial of service uninitialized memory read or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...

Medium: openssl11

Issue Overview: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may...

Important: perl-HTTP-Tiny

Issue Overview: Warning has been added when HTTP::Tiny is used without verifyssl flag CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run yum update perl-HTTP-Tiny or yum update --advisory ALAS-2023-1771 to update your system. New Packages: noarch: ...

Important: libeconf

Issue Overview: A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2. CVE-2023-22652 A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow'...

Important: mod_security

Issue Overview: In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity C language codebase. CVE-2022-48279...

Important: json-c

Issue Overview: A flaw was found in json-c. In printbufmemappend, certain crafted values can overflow the memory allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2020-127...

Low: yajl

Issue Overview: No CVE associated with this advisory Affected Packages: yajl Issue Correction: Run dnf update yajl --releasever 2023.1.20230628 or dnf update --advisory ALAS2023-2023-214 --releasever 2023.1.20230628 to update your system. More information on how to update your system can be found...

Important: c-ares

Issue Overview: Denial of Service. An issue in c-ares was found where a 0-byte UDP payload can cause a Denial of Service CVE-2023-32067. Affected Packages: c-ares Issue Correction: Run yum update c-ares or yum update --advisory ALAS-2023-1770 to update your system. New Packages: i686: ...

Medium: qt5-qtbase

Issue Overview: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate. CVE-2023-34410 Affected Packages: qt5-qtbase Note: This advisor...

Important: kernel

Issue Overview: A use-after-free flaw was found in nftables cross-table in the net/netfilter/nftablesapi.c function in the Linux kernel. This flaw allows a local, privileged attacker to cause a use-after-free problem at the time of table deletion, possibly leading to local privilege escalation...

Medium: opensc

Issue Overview: A heap use after free issue was found in Opensc before version 0.22.0 in scfilevalid. CVE-2021-42779 A use after return issue was found in Opensc before version 0.22.0 in insertpin function that could potentially crash programs using the library. CVE-2021-42780 Heap buffer overflo...

Medium: wayland

Issue Overview: An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wlshm buffer...

Medium: cups

Issue Overview: OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service DoS attack. A buffer overflow vulnerability in the function formatlogline could allow remote attackers...

Important: ncurses

Issue Overview: ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. CVE-2023-2949...

Important: ncurses

Issue Overview: ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable. CVE-2023-2949...

Important: kernel

Issue Overview: It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. CVE-2022-2586 A heap buffer overflow flaw was found in the Linux kernel's Netfilter subsystem in the way a user provides...

Medium: glib2

Issue Overview: PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...

Important: mysql57

Issue Overview: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.41 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

Important: kernel-livepatch-6.1.19-30.43

Issue Overview: In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. CVE-2022-48425 An out-of-bounds memory access flaw was found in the Linux kernel's XFS file system in how a user restores an XFS image after failu...

Medium: nodejs

Issue Overview: An untrusted search path vulnerability exists in Node.js. 19.6.1, 18.14.1, 16.19.1, and 14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. CVE-2023-23920 Affected Packages: nodejs Issue Correction: Run dnf update...

Medium: python-pillow

Issue Overview: An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size. CVE-2021-25290 Affected Packages: python-pillow Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the differen...

Medium: xmlrpc

Issue Overview: XML external entity XXE vulnerability in the Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery SSRF attacks via a crafted DTD. CVE-2016-5002 Affected Packages: xmlrpc Note: This advisory is...