Msrc Cbl Mariner 2.0 Arm vulnerabilities

CVE-2019-12450 [CRITICAL] CWE-362 file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead default permissions are used. file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead default permissions are used. FAQ: Is Azure Linux the only Microsoft product that includes this open-source libra

CVE-2019-2708 [LOW] Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138 prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows l Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138 prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastru

CVE-2019-3816 [HIGH] CWE-22 Openwsman versions up to and including 2.6.9 are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote unauthenticated attacker Openwsman versions up to and including 2.6.9 are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP req

CVE-2019-3833 [HIGH] CWE-835 Openwsman versions up to and including 2.6.9 are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote unauthenticated attacker can exploit this vu Openwsman versions up to and including 2.6.9 are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of servi

CVE-2019-9210 [HIGH] CWE-125 In AdvanceCOMP 2.1 png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size which results in an attempted memcpy to write into a buffer that is too small. (Ther In AdvanceCOMP 2.1 png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.) FAQ: Is Azure Linux the onl

CVE-2019-6293 [MEDIUM] CWE-674 An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to i An issue was discovered in the function mark_beginning_as_normal in nfa.c in flex 2.6.4. There is a stack exhaustion problem caused by the mark_beginning_as_normal function making recursive calls to itself in certain scenarios involving lots of '*' characters. Remote

CVE-2018-20169 [MEDIUM] CWE-400 An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor related to __usb_get_extra_descriptor in drivers/usb/core/ An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor related to __usb_get_extra_descriptor in drivers/usb/core/usb.c. FAQ: Is Azure Linux the only Microsoft product that include

CVE-2018-19787 [MEDIUM] CWE-79 An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping allowing a remote attacker to conduct XSS attacks as d An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping allowing a remote attacker to conduct XSS attacks as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is

CVE-2018-18384 [MEDIUM] CWE-119 Info-ZIP UnZip 6.0 has a buffer overflow in list.c when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value because a buffer size is 10 and is su Info-ZIP UnZip 6.0 has a buffer overflow in list.c when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value because a buffer size is 10 and is supposed to be 12. FAQ: Is Azure Linux the only Microsoft product th

CVE-2018-17828 [MEDIUM] CWE-22 Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file because of the function unzzip_cat in the bins/unzzipcat-mem.c file. Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file because of the function unzzip_cat in the bins/unzzipcat-mem.c file. FAQ: Is Azure Linux the only Microsoft product that includes this

CVE-2018-16548 [MEDIUM] CWE-772 An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c which will lead to a denial of service attack. An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c which will lead to a denial of service attack. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is ther

CVE-2018-14348 [HIGH] CWE-200 libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask leading to disclosure of information. libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask leading to disclosure of information. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to ou

CVE-2018-13410 [CRITICAL] CWE-416 Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are rea

CVE-2018-10906 [MEDIUM] CWE-269 In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in t

CVE-2018-11694 [HIGH] CWE-476 An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of ser An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact.

CVE-2018-10689 [MEDIUM] CWE-119 blktrace (aka Block IO Tracing) 1.2.0 as used with the Linux kernel and Android has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small as blktrace (aka Block IO Tracing) 1.2.0 as used with the Linux kernel and Android has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small as demonstrated by an invalid free when using the btt program with a c

CVE-2018-1000156 [HIGH] CWE-20 GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear t GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. T

CVE-2018-9057 [CRITICAL] CWE-332 aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding which makes it easier for remot aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding which makes it easier for remote attackers to obtain access by leveraging an IAM account that was

CVE-2017-18214 [MEDIUM] CWE-400 The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string a different vulnerability than CVE-2016-4055. The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string a different vulnerability than CVE-2016-4055. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this v

CVE-2018-1000097 [HIGH] CWE-119 Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform check Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could l