vulnerability

Ubuntu: USN-4565-1 (CVE-2019-16239): OpenConnect vulnerability

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Sep 17, 2019
Added
Oct 6, 2020
Modified
Mar 22, 2023

Description

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.

Solution(s)

ubuntu-upgrade-libopenconnect5ubuntu-upgrade-openconnect

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today