Msrc Azure Linux 3.0 X64 vulnerabilities

CVE-2019-20149 [HIGH] CWE-668 ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name as demonstrated by 'constructor': {'name':'Symbol'}. Hence a crafted p ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name as demonstrated by 'constructor': {'name':'Symbol'}. Hence a crafted payload can overwrite this builtin attribute to manipulate the type de

CVE-2019-19645 [MEDIUM] CWE-674 alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this

CVE-2019-19391 [CRITICAL] CWE-843 In LuaJIT through 2.0.5 as used in Moonjit before 2.1.2 and other products debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations because certain cases involv In LuaJIT through 2.0.5 as used in Moonjit before 2.1.2 and other products debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations because certain cases involving valid stack levels and > options are mishandled. NOTE: The Lu

CVE-2019-17362 [CRITICAL] CWE-125 In LibTomCrypt through 1.18.2 the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cau In LibTomCrypt through 1.18.2 the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read inf

CVE-2019-17596 [HIGH] CWE-436 Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios such as traffic from a client to Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios such as traffic from a client to a server that verifies client certificates. FAQ: Is Azure Linux the

CVE-2019-16276 [HIGH] CWE-444 Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the

CVE-2019-16168 [MEDIUM] CWE-369 In SQLite through 3.29.0 whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field aka a "severe division by zero in the que In SQLite through 3.29.0 whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field aka a "severe division by zero in the query planner." FAQ: Is Azure Linux the only Microsoft product that i

CVE-2019-14274 [MEDIUM] CWE-787 MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most s

CVE-2019-11834 [CRITICAL] CWE-125 cJSON before 1.7.11 allows out-of-bounds access related to \x00 in a string literal. cJSON before 1.7.11 allows out-of-bounds access related to \x00 in a string literal. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and

CVE-2019-8457 [CRITICAL] CWE-125 SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits

CVE-2019-11835 [CRITICAL] CWE-125 cJSON before 1.7.11 allows out-of-bounds access related to multiline comments. cJSON before 1.7.11 allows out-of-bounds access related to multiline comments. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure

CVE-2019-10906 [HIGH] In Pallets Jinja before 2.10.1 str.format_map allows a sandbox escape. In Pallets Jinja before 2.10.1 str.format_map allows a sandbox escape. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source

CVE-2018-20505 [HIGH] CWE-89 SQLite 3.25.2 when queries are run on a table with a malformed PRIMARY KEY allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL state SQLite 3.25.2 when queries are run on a table with a malformed PRIMARY KEY allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). FAQ: Is Azure Linux the

CVE-2018-20506 [HIGH] CWE-190 SQLite before 3.25.3 when the FTS3 extension is enabled encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 SQLite before 3.25.3 when the FTS3 extension is enabled encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables allowing remote attackers to execute arbitrary code by

CVE-2019-11358 [MEDIUM] CWE-1321 jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerab jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype.

CVE-2019-3870 [MEDIUM] CWE-276 A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC files are created in a private subdirectory of the install A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC files are created in a private subdirectory of the install location. This directory is typically mode 0700 that is owner (root

CVE-2019-3816 [HIGH] CWE-22 Openwsman versions up to and including 2.6.9 are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote unauthenticated attacker Openwsman versions up to and including 2.6.9 are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP req

CVE-2019-3833 [HIGH] CWE-835 Openwsman versions up to and including 2.6.9 are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote unauthenticated attacker can exploit this vu Openwsman versions up to and including 2.6.9 are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of servi

CVE-2019-9741 [MEDIUM] CWE-93 An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter as demonstrated by the second argument to http.NewRequest with \r\n followed by an An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command. FAQ: Is Azure Linux the only Micros

CVE-2018-20346 [HIGH] CWE-190 SQLite before 3.25.3 when the FTS3 extension is enabled encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables allowing SQLite before 3.25.3 when the FTS3 extension is enabled encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables allowing remote attackers to execute arbitrary code by leveraging the ability