8699 matches found
Medium: httpd
Issue Overview: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. CVE-2023-38709 HTTP Response splitting in multiple modules in Apache HTTP Server allows an...
Important: nghttp2
Issue Overview: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage ...
Medium: httpd
Issue Overview: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. CVE-2023-38709 HTTP Response splitting in multiple modules in Apache HTTP Server allows an...
Important: glibc
Issue Overview: The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...
Medium: jose
Issue Overview: latchset jose through version 11 allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value. CVE-2023-50967 Affected Packages: jose Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...
Medium: ruby
Issue Overview: An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that ar...
Important: mod_http2
Issue Overview: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. CVE-2024-27316 Affected Packages: modhttp2 Note: This advisory is...
Important: nghttp2
Issue Overview: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage ...
Medium: curl
Issue Overview: This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this b...
Low: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr...
Important: qt5-qtbase
Issue Overview: Potential buffer overflow issue in QXmlStreamReader. When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash. CVE-2023-37369 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Medium: kernel
Issue Overview: A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions ...
Important: nghttp2
Issue Overview: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage ...
Medium: kernel
Issue Overview: A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions ...
Important: bind
Issue Overview: Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification...
Medium: curl
Issue Overview: When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoco...
Medium: curl
Issue Overview: This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this b...
Medium: curl
Issue Overview: When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protoco...
Low: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...
Important: mod_http2
Issue Overview: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. CVE-2024-27316 Affected Packages: modhttp2 Note: This advisory is...
Low: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...
Medium: httpd
Issue Overview: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. CVE-2023-38709 HTTP Response splitting in multiple modules in Apache HTTP Server allows an...
Important: glibc
Issue Overview: The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...
Important: bind
Issue Overview: Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a denial of service CPU consumption via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification...
Medium: jose
Issue Overview: latchset jose through version 11 allows attackers to cause a denial of service CPU consumption via a large p2c aka PBES2 Count value. CVE-2023-50967 Affected Packages: jose Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...
Important: qt5-qtbase
Issue Overview: Potential buffer overflow issue in QXmlStreamReader. When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash. CVE-2023-37369 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Low: libreoffice
Issue Overview: Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling ...
Medium: wireshark
Issue Overview: T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file CVE-2024-2955 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...
Medium: wireshark
Issue Overview: T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file CVE-2024-2955 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath CVE-2021-46921 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon...
Low: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10,...
Low: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath CVE-2021-46921 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon...
Important: firefox
Issue Overview: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. This vulnerability affects Firefox 124.0.1 and Firefox ESR 115.9.1. CVE-2024-29944 There was no limit to the number of HTTP/2 CONTINUATIO...
Medium: ruby
Issue Overview: An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that ar...
Important: squid
Issue Overview: Due to chunked decoder lenience Squid is vulnerable to Request/Response smuggling attacks when parsing HTTP/1.1 and ICAP messages. CVE-2023-46846 Affected Packages: squid Issue Correction: Run yum update squid or yum update --advisory ALAS-2024-1933 to update your system. New...
Important: httpd24
Issue Overview: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. CVE-2024-27316 Affected Packages: httpd24 Issue Correction: Run yum...
Important: xorg-x11-server
Issue Overview: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer NOTE: https://lists.x.org/archives/xorg/2024-January/061525.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/9e2ecb2af8302dedc49cb6a63ebe063c58a9e7e3 CVE-2023-6816 Reattaching to different master device...
Important: glibc
Issue Overview: The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961...
Important: php
Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbcenclen during regular expression searching. Invalid handling of reg-dmin in forwardsearchrange could result in an...
Medium: flatpak
Issue Overview: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the cas...
Important: glib2
Issue Overview: GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a...
Medium: webkitgtk4
Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service. CVE-2023-42956 A logic issue was addressed with improved validation. This issue is fixed ...
Medium: krb5
Issue Overview: Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c. CVE-2024-26458 Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. CVE-2024-26461 Affected Packages: krb5 Note: This advisory is applicable to...
Medium: libvirt
Issue Overview: An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to...
Medium: krb5
Issue Overview: Kerberos 5 aka krb5 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmaprmt.c. CVE-2024-26458 Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. CVE-2024-26461 Affected Packages: krb5 Note: This advisory is applicable to...
Important: tomcat
Issue Overview: Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option...
Important: tomcat
Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...
Medium: flatpak
Issue Overview: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the cas...