Important: nss

Issue Overview: A heap-based buffer overflow was found in the NSCEncryptUpdate function in Mozilla nss. A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application compiled with nss. While the...

Medium: mysql57

Issue Overview: Vulnerability in the MySQL Server product of Oracle MySQL component: Information Schema. Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...

Medium: nss-softokn

Issue Overview: Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8. CVE-2019-11729 A heap-based buffer overflow was...

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network...

Medium: mysql56

Issue Overview: Vulnerability in the MySQL Server product of Oracle MySQL component: Information Schema. Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...

Medium: mod_auth_mellon, mod24_auth_mellon

Issue Overview: modauthmellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.CVE-2019-13038 Affected Packages: modauthmellon, mod24authmellon Issue Correction: Run yum update modauthmellon or yum update...

Medium: oniguruma

Issue Overview: Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. CVE-2019-16163 Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in strlowercasematch in regexec.c.CVE-2019-19246 Affected Packages:...

Critical: openslp

Issue Overview: A heap-based buffer overflow was discovered in OpenSLP in the way the slpd service processes URLs in service request messages. A remote unauthenticated attacker could register a service with a specially crafted URL that, when used during a service request message, would trigger th...

Low: libsolv

Issue Overview: There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any...

Important: thunderbird

Issue Overview: Several memory safety bugs were discovered in Mozilla Firefox and Thunderbird. Memory corruption and arbitrary code execution are possible with these vulnerabilities. These bugs can be exploited over the network.CVE-2019-11764 A flaw was discovered in both Firefox and Thunderbird...

Medium: libidn2

Issue Overview: idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string. CVE-2019-18224 GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it...

Medium: samba

Issue Overview: A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba...

Medium: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access...

Important: SDL

Issue Overview: A heap-based buffer overflow flaw, in SDL while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow a...

Medium: file

Issue Overview: cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write.CVE-2019-18218 Affected Packages: file Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

Important: rssh

Issue Overview: Insufficient sanitation of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. CVE-2019-3464 Insufficient sanitati...

Important: git

Issue Overview: Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning CVE-2019-1351 NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2019-1353 remote code execution in recursive clones with nested submodules CVE-2019-138...

Medium: libidn2

Issue Overview: heap-based buffer overflow in idn2toascii4i in lib/lookup.c idn2toascii4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.CVE-2019-18224 Affected Packages: libidn2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Medium: udisks2

Issue Overview: UDisks 2.8.0 has a format string vulnerability in udiskslog in udiskslogging.c, allowing attackers to obtain sensitive information stack contents, cause a denial of service memory corruption, or possibly have unspecified other impact via a malformed filesystem label, as demonstrat...

Medium: file

Issue Overview: cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write. CVE-2019-18218 Affected Packages: file Issue Correction: Run yum update file or yum update --advisory...

Important: git

Issue Overview: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.CVE-2019-1348 When submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git...

Medium: rsyslog

Issue Overview: A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash.CVE-2018-16881 Affected Packages: rsyslog Note: This advisory is applicable to Amazon Linux 2 AL...

Medium: glibc

Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string,...

Important: kernel

Issue Overview: A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host...

Important: python34

Issue Overview: A security regression of CVE-2019-9636 was discovered in python, since commit d537ab0ff9767ef024f26246899728f0116b1ec3, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store...

Medium: golang

Issue Overview: It was discovered that net/http through net/textproto in golang does not correctly interpret HTTP requests where an HTTP header contains spaces before the colon. This could be abused by an attacker to smuggle HTTP requests when a proxy or a firewall is placed behind a server...

Medium: python, python3

Issue Overview: An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on th...

Medium: libapreq2

Issue Overview: Remotely exploitable null pointer dereference bug CVE-2019-12412 Affected Packages: libapreq2 Issue Correction: Run yum update libapreq2 or yum update --advisory ALAS-2019-1323 to update your system. New Packages: i686: libapreq2-libs-2.13-38.2.amzn1.i686 ...

Low: ntp

Issue Overview: The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted hostname. Applications using these vulnerable utilities with an untrusted input may be potentially exploited, resulting in a crash or arbitrary code...

Low: blktrace

Issue Overview: blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file...

Important: kernel

Issue Overview: A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host...

Low: freerdp

Issue Overview: FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvcmain.c, drdynvcprocesscapabilityrequest that can result in The RDP server can read the client's memory.. This...

Medium: microcode_ctl, kernel

Issue Overview: This security update is only applicable to EC2 Bare Metal instance types using Intel processors. Intel has released microcode updates for certain Intel CPUs. After installing the updated microcodectl package, the microcode will be automatically activated on next boot. Improper...

Medium: microcode_ctl, kernel

Issue Overview: This security update is only applicable to EC2 Bare Metal instance types using Intel processors. Intel has released microcode updates for certain Intel CPUs. After installing the updated microcodectl package, the microcode will be automatically activated on next boot. Improper...

Low: openssl

Issue Overview: No CVE associated with this advisory Affected Packages: openssl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update openssl or yum update...

Medium: spice-gtk

Issue Overview: Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. CVE-2018-10893 Affected Packages: spice-gtk Note: This advisory is...

Medium: binutils

Issue Overview: An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype,...

Medium: libvirt

Issue Overview: A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. CVE-2019-3840 Affected Packages: libvirt Note: This advisory is...

Medium: libevent

Issue Overview: Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the 1 evbufferad...

Medium: libseccomp

Issue Overview: libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators LT, GT, LE, GE, which might able to lead to bypassing seccomp filters and potential privilege escalations. CVE-2019-9893 Affected Packages: libseccomp Note: This...

Medium: fence-agents

Issue Overview: A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fencerhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying...

Low: sox

Issue Overview: A NULL pointer dereference flaw found in the way SoX handled processing of AIFF files. An attacker could potentially use this flaw to crash the SoX application by tricking it into processing crafted AIFF files.CVE-2017-18189 Affected Packages: sox Note: This advisory is applicable...

Low: zziplib

Issue Overview: An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function zzipparserootdirectory in zip.c, which will lead to a denial of service attack.CVE-2018-16548 In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address whe...

Important: dovecot

Issue Overview: In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs because '\\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.CVE-2019-11500 Affected Packages:...

Low: compat-libtiff3

Issue Overview: A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tifprint.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. This affects an earlier part of the TIFFPrintDirectory function that w...

Important: subversion

Issue Overview: In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.CVE-2018-11782 In Apache Subversion versio...

Medium: samba

Issue Overview: A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba...

Medium: unixODBC

Issue Overview: A buffer overflow flaw was found in the unicodetoansicopy function of unixODBC. This overflow is not directly controllable by an attacker making the maximum potential impact a crash or denial of service.CVE-2018-7409 An argument order confusion flaw was found in the SQLWriteFileDS...

Medium: libjpeg-turbo

Issue Overview: The cjpeg utility in libjpeg allows remote attackers to cause a denial of service NULL pointer dereference and application crash or execute arbitrary code via a crafted file.CVE-2016-3616 A divide by zero vulnerability has been discovered in libjpeg-turbo in allocsarray function o...

Medium: docker

Issue Overview: A command injection flaw was discovered in Docker during the docker build command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the git fetch/git checkout commands that are executed by Docker and to execute...