Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2020-14308 [MEDIUM] CWE-190 In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations w In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentialit

CVE-2020-15945 [MEDIUM] Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g. when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flo Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g. when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function. FAQ: Is Azure Linux the only Microsoft product

CVE-2020-14309 [MEDIUM] CWE-787 There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic ove There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-base

CVE-2020-14147 [HIGH] CWE-787 An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (mem An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended san

CVE-2020-13962 [HIGH] Qt 5.12.2 through 5.14.2 as used in unofficial builds of Mumble 1.3.0 and other products mishandles OpenSSL's error queue which can cause a denial of service to QSslSocket users. Because errors leak i Qt 5.12.2 through 5.14.2 as used in unofficial builds of Mumble 1.3.0 and other products mishandles OpenSSL's error queue which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions an unrelated session may be disconnected when any ha

CVE-2020-12762 [HIGH] CWE-787 json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file as demonstrated by printbuf_memappend. json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file as demonstrated by printbuf_memappend. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the

CVE-2020-13645 [MEDIUM] CWE-295 In GNOME glib-networking through 2.64.2 the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server i In GNOME glib-networking through 2.64.2 the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior to

CVE-2020-10109 [CRITICAL] CWE-444 In Twisted Web through 19.10.0 there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header the content-length took precedence and the remainde In Twisted Web through 19.10.0 there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. FA

CVE-2020-10108 [CRITICAL] CWE-444 In Twisted Web through 19.10.0 there was an HTTP request splitting vulnerability. When presented with two content-length headers it ignored the first header. When the second content-length value was s In Twisted Web through 19.10.0 there was an HTTP request splitting vulnerability. When presented with two content-length headers it ignored the first header. When the second content-length value was set to zero the request body was interpreted as a pipelined reques

CVE-2020-1747 [CRITICAL] CWE-20 A vulnerability was discovered in the PyYAML library in versions before 5.3.1 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or A vulnerability was discovered in the PyYAML library in versions before 5.3.1 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to p

CVE-2019-20503 [MEDIUM] CWE-125 usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most

CVE-2020-5208 [HIGH] CWE-120 remote code execution vulnerability in ipmitool remote code execution vulnerability in ipmitool FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is comp

CVE-2019-9674 [HIGH] CWE-400 Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use t

CVE-2019-20421 [HIGH] CWE-835 In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2 an input file can result in an infinite loop and hang with high CPU consumption. Remote attackers could leverage this vulnerability to cause In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2 an input file can result in an infinite loop and hang with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. FAQ: Is Azure Linux the onl

CVE-2014-8141 [HIGH] CWE-787 Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unz Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. FAQ: Is Azure Linux the only Microsoft product that inclu

CVE-2014-8139 [HIGH] CWE-787 Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. FAQ: Is Azure Linux the only Microsoft product that includes

CVE-2014-8140 [HIGH] CWE-787 Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the un Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. FAQ: Is Azure Linux the only Microsoft product that incl

CVE-2015-9541 [MEDIUM] CWE-776 Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader a related issue to CVE-2003-1564. Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader a related issue to CVE-2003-1564. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vuln

CVE-2020-6750 [MEDIUM] GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so because the proxy_addr field is misha GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically dependin

CVE-2019-5544 [CRITICAL] CWE-787 OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base scor OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. FAQ: Is Azure Linux the only Microsoft product that inc