Msrc Cbl2 Libesmtp 1.0.6-21 On Cbl Mariner 2.0 vulnerabilities

1 known vulnerability affecting msrc/cbl2_libesmtp_1.0.6-21_on_cbl_mariner_2.0.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1

Vulnerabilities

Page 1 of 1

CVE-2019-19977CRITICALCVSS 9.82019-12-10

CVE-2019-19977 [CRITICAL] CWE-125 libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c as demonstrated by a stack-based buffer over-read. libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c as demonstrated by a stack-based buffer over-read. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this