Low: poppler

Issue Overview: There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h. A crafted input will lead to a remote denial of service attack. Poppler versions later than 0.41.0 are not affected.CVE-2018-10768 The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in...

Important: python36

Issue Overview: Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit,...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or,...

Important: freeradius

Issue Overview: FreeRADIUS mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and...

Medium: libxml2

Issue Overview: A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information.CVE-2015-8242 A denial of service flaw w...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or,...

Medium: openssh

Issue Overview: An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks a...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rdstcp kernel module loaded either through autoload via local process running listen, or manual loading could possibly cause a use after free UAF in which an attacker who is able to...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rdstcp kernel module loaded either through autoload via local process running listen, or manual loading could possibly cause a use after free UAF in which an attacker who is able to...

Low: graphviz

Issue Overview: The agroot function in cgraph\obj.c in libcgraph.a in Graphviz has a NULL pointer dereference, as demonstrated by graphml2gv. CVE-2019-11023 Affected Packages: graphviz Issue Correction: Run yum update graphviz or yum update --advisory ALAS-2019-1207 to update your system. New...

Low: python-urllib3

Issue Overview: urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in...

Important: mod_auth_mellon

Issue Overview: A vulnerability was found in a previous version of modauthmellon. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them ...

Medium: ntp

Issue Overview: NTP has a NULL pointer dereference attack in an authenticated mode 6 packet. CVE-2019-8936 Affected Packages: ntp Issue Correction: Run yum update ntp or yum update --advisory ALAS-2019-1206 to update your system. New Packages: i686: ntp-debuginfo-4.2.8p12-1.41.amzn1.i686 ...

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network...

Important: tomcat8

Issue Overview: When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. CVE-2018-11784 The HTTP/2...

Important: clamav

Issue Overview: An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. CVE-2019-1787 An out-of-bounds heap read condition may occur when scanning PE files i.e...

Medium: libqb

Issue Overview: A flaw was found in libqb. Insecure handling of temporary files could be exploited by a local attacker to overwrite privileged system files. Upstream issue: https://github.com/ClusterLabs/libqb/issues/338 Affected Packages: libqb Note: This advisory is applicable to Amazon Linux 2...

Important: kernel

Issue Overview: Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA STore Address and STD STore Data sub-operations. These sub-operations allow the processor to hand-off...

Important: kernel

Issue Overview: - Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - Microarchitectural Fill Buffer Data Sampling MFBDS CVE-2018-12130 - Microarchitectural Load Port Data Sampling MLPDS CVE-2018-12127 - Microarchitectural Data Sampling Uncacheable Memory MDSUM CVE-2019-11091...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission c...

Important: python3

Issue Overview: Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission c...

Important: mod24_auth_mellon

Issue Overview: A vulnerability was found in modauthmellon. If Apache is configured as a reverse proxy and modauthmellon is configured to only let through authenticated users with the require valid-user directive, adding special HTTP headers that are normally used to start the special SAML ECP...

Important: python34

Issue Overview: Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit, urllib.parse.urlpars...

Medium: gnupg2

Issue Overview: The douncompress function in g10/compress.c allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.CVE-2014-4617 Affected Packages: gnupg2 Note: This advisory is applicable to...

Low: mod_http2

Issue Overview: In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections.CVE-2018-17189...

Important: libssh2

Issue Overview: An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the...

Important: openwsman

Issue Overview: Earlier versions of Openwsman are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server...

Critical: thunderbird

Issue Overview: When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration PAC file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default...

Low: libjpeg-turbo

Issue Overview: A divide by zero vulnerability has been discovered in libjpeg-turbo in allocsarray function of jmemmgr.c file. An attacker could use this vulnerability to cause a denial of service via a crafted file.CVE-2018-11212 Affected Packages: libjpeg-turbo Note: This advisory is applicable...

Medium: fuse

Issue Overview: A vulnerability was discovered in fuse. When SELinux is active, fusermount is vulnerable to a restriction bypass. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An...

Important: wget

Issue Overview: A buffer overflow vulnerability was found in GNU Wget. An attacker may be able to cause a denial-of-service DoS or may execute an arbitrary code. CVE-2019-5953 Affected Packages: wget Issue Correction: Run yum update wget or yum update --advisory ALAS-2019-1194 to update your...

Medium: mariadb

Issue Overview: The crc32big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.CVE-2016-9843 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines...

Important: httpd24

Issue Overview: In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulati...

Medium: bind

Issue Overview: To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when...

Medium: bind

Issue Overview: To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when...

Important: httpd

Issue Overview: In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulati...

Medium: openssl

Issue Overview: A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information.CVE-2018-5407 If an application encounters a fata...

Important: freerdp

Issue Overview: FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode that results in a memory corruption and possibly even a remote code execution.CVE-2018-8788 FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a...

Medium: tomcat

Issue Overview: When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.CVE-2018-11784 Affected Packages:...

Important: filesystem

Issue Overview: Images built for the Amazon Linux 2.0.20190313 release included system files with incorrect permissions applied. Incorrect permissions were applied to the following file: /etc/shadow All users should upgrade to this updated package which corrects permissions for these files if the...

Medium: openssl

Issue Overview: A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. CVE-2018-5407 If an application encounters a fat...

Important: kernel

Issue Overview: A kernel memory leak was found in the kernelreadfile function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service DoS.CVE-2019-8980 A flaw was found in mmap in the Linux kernel allowing the process to map a...

Low: openssl

Issue Overview: The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. CVE-2018-0734 Affected Packages: openssl Issue Correction: Run yum update openssl or yum updat...

Important: flatpak

Issue Overview: Earlier versions of flatpak exposes /proc in the applyextra script sandbox, which allows attackers to modify a host-side executable file.CVE-2019-8308 Affected Packages: flatpak Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Medium: python27, python34, python35, python36

Issue Overview: A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate...

Medium: java-1.8.0-openjdk, java-1.7.0-openjdk

Issue Overview: Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other...

Low: libwmf

Issue Overview: The GD Graphics Library aka LibGD has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected. CVE-2019-6978 Affected Packages: libwmf Issue Correction: Run yum update libwmf or yum update --advisory ALAS-2019-1174 to update your...

Low: nvidia

Issue Overview: NVIDIA graphics driver contains a vulnerability that may allow access to application data processed on the GPU through a side channel exposed by the GPU performance counters. Local user access is required. This is not a network or remote attack vector. CVE-2018-6260 Affected...

Medium: file

Issue Overview: dobidnote in readelf.c in libmagic.a has a stack-based buffer over-read, related to fileprintf and filevprintf. CVE-2019-8904 docorenote in readelf.c in libmagic.a has a stack-based buffer over-read, related to fileprintable, a different vulnerability than CVE-2018-10360...