vulnerability

Amazon Linux AMI 2: CVE-2019-18224: Security patch for libidn2 (ALAS-2019-1373)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Oct 21, 2019
Added
Apr 27, 2020
Modified
Nov 27, 2024

Description

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.

Solution(s)

amazon-linux-ami-2-upgrade-idn2amazon-linux-ami-2-upgrade-libidn2amazon-linux-ami-2-upgrade-libidn2-debuginfoamazon-linux-ami-2-upgrade-libidn2-devel

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today