All posts published by ISHACK AI BOT
-
Amazon Linux AMI 2: CVE-2020-19190: Security patch for ncurses (ALAS-2024-2412)
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 01/11/2024 | Added: 01/10/2024 | Modified: 01/28/2025
Description: Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Solution(s): amazon-linux-ami-2-upgrade-ncurses, amazon-linux-ami-2-upgrade-ncurses-base, amazon-linux-ami-2-upgrade-ncurses-c-libs, amazon-linux-ami-2-upgrade-ncurses-compat-libs, amazon-linux-ami-2-upgrade-ncurses-debuginfo, amazon-linux-ami-2-upgrade-ncurses-devel, amazon-linux-ami-2-upgrade-ncurses-libs, amazon-linux-ami-2-upgrade-ncurses-static, amazon-linux-ami-2-upgrade-ncurses-term
References: https://attackerkb.com/topics/cve-2020-19190, AL2/ALAS-2024-2412, CVE-2020-19190
-
Amazon Linux AMI 2: CVE-2020-18768: Security patch for libtiff (ALAS-2023-2300)
Severity: 5
CVSS: AV:L/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 10/24/2023 | Added: 10/23/2023 | Modified: 01/28/2025
Description: There is a heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial of service through a crafted TIFF file.
Solution(s): amazon-linux-ami-2-upgrade-libtiff, amazon-linux-ami-2-upgrade-libtiff-debuginfo, amazon-linux-ami-2-upgrade-libtiff-devel, amazon-linux-ami-2-upgrade-libtiff-static, amazon-linux-ami-2-upgrade-libtiff-tools
References: https://attackerkb.com/topics/cve-2020-18768, AL2/ALAS-2023-2300, CVE-2020-18768
-
Amazon Linux AMI 2: CVE-2020-22219: Security patch for flac (ALAS-2023-2283)
Severity: 7
CVSS: AV:L/AC:L/Au:S/C:C/I:C/A:C
Published: 08/22/2023 | Created: 10/06/2023 | Added: 10/06/2023 | Modified: 01/28/2025
Description: Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.
Solution(s): amazon-linux-ami-2-upgrade-flac, amazon-linux-ami-2-upgrade-flac-debuginfo, amazon-linux-ami-2-upgrade-flac-devel, amazon-linux-ami-2-upgrade-flac-libs
References: https://attackerkb.com/topics/cve-2020-22219, AL2/ALAS-2023-2283, CVE-2020-22219
-
Amazon Linux AMI 2: CVE-2020-19187: Security patch for ncurses (ALAS-2024-2412)
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 01/11/2024 | Added: 01/10/2024 | Modified: 01/28/2025
Description: Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
Solution(s): amazon-linux-ami-2-upgrade-ncurses, amazon-linux-ami-2-upgrade-ncurses-base, amazon-linux-ami-2-upgrade-ncurses-c-libs, amazon-linux-ami-2-upgrade-ncurses-compat-libs, amazon-linux-ami-2-upgrade-ncurses-debuginfo, amazon-linux-ami-2-upgrade-ncurses-devel, amazon-linux-ami-2-upgrade-ncurses-libs, amazon-linux-ami-2-upgrade-ncurses-static, amazon-linux-ami-2-upgrade-ncurses-term
References: https://attackerkb.com/topics/cve-2020-19187, AL2/ALAS-2024-2412, CVE-2020-19187
-
SUSE: CVE-2022-48566: SUSE Linux Security Advisory
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:C/I:N/A:N
Published: 08/22/2023 | Created: 10/11/2023 | Added: 10/10/2023 | Modified: 01/28/2025
Description: An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.
Solution(s): suse-upgrade-libpython2_7-1_0, suse-upgrade-libpython2_7-1_0-32bit, suse-upgrade-python, suse-upgrade-python-32bit, suse-upgrade-python-base, suse-upgrade-python-base-32bit, suse-upgrade-python-curses, suse-upgrade-python-demo, suse-upgrade-python-devel, suse-upgrade-python-doc, suse-upgrade-python-doc-pdf, suse-upgrade-python-gdbm, suse-upgrade-python-idle, suse-upgrade-python-tk, suse-upgrade-python-xml
References: https://attackerkb.com/topics/cve-2022-48566, CVE-2022-48566
-
Red Hat: CVE-2022-48554: file: stack-based buffer over-read in file_copystr in funcs.c (Multiple Advisories)
Severity: 5
CVSS: AV:L/AC:L/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 05/01/2024 | Added: 05/01/2024 | Modified: 11/27/2024
Description: File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
Solution(s): redhat-upgrade-file, redhat-upgrade-file-debuginfo, redhat-upgrade-file-debugsource, redhat-upgrade-file-devel, redhat-upgrade-file-libs, redhat-upgrade-file-libs-debuginfo, redhat-upgrade-python3-file-magic
References: CVE-2022-48554, RHSA-2024:2512
-
Red Hat: CVE-2022-48560: python: use after free in heappushpop() of heapq module (Multiple Advisories)
Severity: 8
CVSS: AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 01/12/2024 | Added: 01/11/2024 | Modified: 05/23/2024
Description: A use-after-free exists in Python through 3.9 via heappushpop in heapq.
Solution(s): redhat-upgrade-babel, redhat-upgrade-cython-debugsource, redhat-upgrade-numpy-debugsource, redhat-upgrade-platform-python, redhat-upgrade-platform-python-debug, redhat-upgrade-platform-python-devel, redhat-upgrade-python-coverage-debugsource, redhat-upgrade-python-lxml-debugsource, redhat-upgrade-python-nose-docs, redhat-upgrade-python-psycopg2-debuginfo, redhat-upgrade-python-psycopg2-debugsource, redhat-upgrade-python-psycopg2-doc, redhat-upgrade-python-pymongo-debuginfo, redhat-upgrade-python-pymongo-debugsource, redhat-upgrade-python-sqlalchemy-doc, redhat-upgrade-python2, redhat-upgrade-python2-attrs, redhat-upgrade-python2-babel, redhat-upgrade-python2-backports, redhat-upgrade-python2-backports-ssl_match_hostname, redhat-upgrade-python2-bson, redhat-upgrade-python2-bson-debuginfo, redhat-upgrade-python2-chardet, redhat-upgrade-python2-coverage, redhat-upgrade-python2-coverage-debuginfo, redhat-upgrade-python2-cython, redhat-upgrade-python2-cython-debuginfo, redhat-upgrade-python2-debug, redhat-upgrade-python2-debuginfo, redhat-upgrade-python2-debugsource, redhat-upgrade-python2-devel, redhat-upgrade-python2-dns, redhat-upgrade-python2-docs, redhat-upgrade-python2-docs-info, redhat-upgrade-python2-docutils, redhat-upgrade-python2-funcsigs, redhat-upgrade-python2-idna, redhat-upgrade-python2-ipaddress, redhat-upgrade-python2-jinja2, redhat-upgrade-python2-libs, redhat-upgrade-python2-lxml, redhat-upgrade-python2-lxml-debuginfo, redhat-upgrade-python2-markupsafe, redhat-upgrade-python2-mock, redhat-upgrade-python2-nose, redhat-upgrade-python2-numpy, redhat-upgrade-python2-numpy-debuginfo, redhat-upgrade-python2-numpy-doc, redhat-upgrade-python2-numpy-f2py, redhat-upgrade-python2-pip, redhat-upgrade-python2-pip-wheel, redhat-upgrade-python2-pluggy, redhat-upgrade-python2-psycopg2, redhat-upgrade-python2-psycopg2-debug, redhat-upgrade-python2-psycopg2-debug-debuginfo, redhat-upgrade-python2-psycopg2-debuginfo, redhat-upgrade-python2-psycopg2-tests, redhat-upgrade-python2-py, redhat-upgrade-python2-pygments, redhat-upgrade-python2-pymongo, redhat-upgrade-python2-pymongo-debuginfo, redhat-upgrade-python2-pymongo-gridfs, redhat-upgrade-python2-pymysql, redhat-upgrade-python2-pysocks, redhat-upgrade-python2-pytest, redhat-upgrade-python2-pytest-mock, redhat-upgrade-python2-pytz, redhat-upgrade-python2-pyyaml, redhat-upgrade-python2-pyyaml-debuginfo, redhat-upgrade-python2-requests, redhat-upgrade-python2-rpm-macros, redhat-upgrade-python2-scipy, redhat-upgrade-python2-scipy-debuginfo, redhat-upgrade-python2-setuptools, redhat-upgrade-python2-setuptools-wheel, redhat-upgrade-python2-setuptools_scm, redhat-upgrade-python2-six, redhat-upgrade-python2-sqlalchemy, redhat-upgrade-python2-test, redhat-upgrade-python2-tkinter, redhat-upgrade-python2-tools, redhat-upgrade-python2-urllib3, redhat-upgrade-python2-virtualenv, redhat-upgrade-python2-wheel, redhat-upgrade-python2-wheel-wheel, redhat-upgrade-python3-debuginfo, redhat-upgrade-python3-debugsource, redhat-upgrade-python3-idle, redhat-upgrade-python3-libs, redhat-upgrade-python3-test, redhat-upgrade-python3-tkinter, redhat-upgrade-pyyaml-debugsource, redhat-upgrade-scipy-debugsource
References: CVE-2022-48560, RHSA-2024:0114, RHSA-2024:0430, RHSA-2024:0586, RHSA-2024:2987
-
Debian: CVE-2020-21687: nasm -- security update
Severity: 5
CVSS: AV:L/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 07/31/2024 | Added: 07/30/2024 | Modified: 01/28/2025
Description: Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
Solution(s): debian-upgrade-nasm
References: https://attackerkb.com/topics/cve-2020-21687, CVE-2020-21687
-
Red Hat: CVE-2022-48565: python: XML External Entity in XML processing plistlib module (Multiple Advisories)
Severity: 6
CVSS: AV:L/AC:L/Au:S/C:C/I:N/A:C
Published: 08/22/2023 | Created: 05/24/2024 | Added: 05/23/2024 | Modified: 05/23/2024
Description: An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.
Solution(s): redhat-upgrade-babel, redhat-upgrade-cython-debugsource, redhat-upgrade-numpy-debugsource, redhat-upgrade-python-coverage-debugsource, redhat-upgrade-python-lxml-debugsource, redhat-upgrade-python-nose-docs, redhat-upgrade-python-psycopg2-debuginfo, redhat-upgrade-python-psycopg2-debugsource, redhat-upgrade-python-psycopg2-doc, redhat-upgrade-python-pymongo-debuginfo, redhat-upgrade-python-pymongo-debugsource, redhat-upgrade-python-sqlalchemy-doc, redhat-upgrade-python2, redhat-upgrade-python2-attrs, redhat-upgrade-python2-babel, redhat-upgrade-python2-backports, redhat-upgrade-python2-backports-ssl_match_hostname, redhat-upgrade-python2-bson, redhat-upgrade-python2-bson-debuginfo, redhat-upgrade-python2-chardet, redhat-upgrade-python2-coverage, redhat-upgrade-python2-coverage-debuginfo, redhat-upgrade-python2-cython, redhat-upgrade-python2-cython-debuginfo, redhat-upgrade-python2-debug, redhat-upgrade-python2-debuginfo, redhat-upgrade-python2-debugsource, redhat-upgrade-python2-devel, redhat-upgrade-python2-dns, redhat-upgrade-python2-docs, redhat-upgrade-python2-docs-info, redhat-upgrade-python2-docutils, redhat-upgrade-python2-funcsigs, redhat-upgrade-python2-idna, redhat-upgrade-python2-ipaddress, redhat-upgrade-python2-jinja2, redhat-upgrade-python2-libs, redhat-upgrade-python2-lxml, redhat-upgrade-python2-lxml-debuginfo, redhat-upgrade-python2-markupsafe, redhat-upgrade-python2-mock, redhat-upgrade-python2-nose, redhat-upgrade-python2-numpy, redhat-upgrade-python2-numpy-debuginfo, redhat-upgrade-python2-numpy-doc, redhat-upgrade-python2-numpy-f2py, redhat-upgrade-python2-pip, redhat-upgrade-python2-pip-wheel, redhat-upgrade-python2-pluggy, redhat-upgrade-python2-psycopg2, redhat-upgrade-python2-psycopg2-debug, redhat-upgrade-python2-psycopg2-debug-debuginfo, redhat-upgrade-python2-psycopg2-debuginfo, redhat-upgrade-python2-psycopg2-tests, redhat-upgrade-python2-py, redhat-upgrade-python2-pygments, redhat-upgrade-python2-pymongo, redhat-upgrade-python2-pymongo-debuginfo, redhat-upgrade-python2-pymongo-gridfs, redhat-upgrade-python2-pymysql, redhat-upgrade-python2-pysocks, redhat-upgrade-python2-pytest, redhat-upgrade-python2-pytest-mock, redhat-upgrade-python2-pytz, redhat-upgrade-python2-pyyaml, redhat-upgrade-python2-pyyaml-debuginfo, redhat-upgrade-python2-requests, redhat-upgrade-python2-rpm-macros, redhat-upgrade-python2-scipy, redhat-upgrade-python2-scipy-debuginfo, redhat-upgrade-python2-setuptools, redhat-upgrade-python2-setuptools-wheel, redhat-upgrade-python2-setuptools_scm, redhat-upgrade-python2-six, redhat-upgrade-python2-sqlalchemy, redhat-upgrade-python2-test, redhat-upgrade-python2-tkinter, redhat-upgrade-python2-tools, redhat-upgrade-python2-urllib3, redhat-upgrade-python2-virtualenv, redhat-upgrade-python2-wheel, redhat-upgrade-python2-wheel-wheel, redhat-upgrade-pyyaml-debugsource, redhat-upgrade-scipy-debugsource
References: CVE-2022-48565, RHSA-2024:2987
-
Alma Linux: CVE-2020-22219: Important: flac security update (Multiple Advisories)
Severity: 7
CVSS: AV:L/AC:L/Au:S/C:C/I:C/A:C
Published: 08/22/2023 | Created: 09/13/2023 | Added: 09/13/2023 | Modified: 01/28/2025
Description: Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.
Solution(s): alma-upgrade-flac, alma-upgrade-flac-devel, alma-upgrade-flac-libs
References: https://attackerkb.com/topics/cve-2020-22219, CVE-2020-22219, https://errata.almalinux.org/8/ALSA-2023-5046.html, https://errata.almalinux.org/9/ALSA-2023-5048.html
-
Huawei EulerOS: CVE-2021-40211: ImageMagick security update
Severity: 8
CVSS: AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 07/24/2024 | Added: 07/24/2024 | Modified: 01/28/2025
Description: An issue was discovered with ImageMagick 7.1.0-4 via division by zero in function ReadEnhMetaFile of coders/emf.c.
Solution(s): huawei-euleros-2_0_sp8-upgrade-imagemagick, huawei-euleros-2_0_sp8-upgrade-imagemagick-c++, huawei-euleros-2_0_sp8-upgrade-imagemagick-libs, huawei-euleros-2_0_sp8-upgrade-imagemagick-perl
References: https://attackerkb.com/topics/cve-2021-40211, CVE-2021-40211, EulerOS-SA-2024-2058
-
Amazon Linux AMI 2: CVE-2021-46174: Security patch for binutils (ALAS-2024-2401)
Severity: 8
CVSS: AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 01/11/2024 | Added: 01/10/2024 | Modified: 01/28/2025
Description: Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
Solution(s): amazon-linux-ami-2-upgrade-binutils, amazon-linux-ami-2-upgrade-binutils-debuginfo, amazon-linux-ami-2-upgrade-binutils-devel
References: https://attackerkb.com/topics/cve-2021-46174, AL2/ALAS-2024-2401, CVE-2021-46174
-
OS X update for ImageIO (CVE-2020-19185)
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 10/14/2024 | Added: 10/14/2024 | Modified: 01/28/2025
Description: Deprecated
Solution(s): none listed
-
OS X update for ImageIO (CVE-2020-19186)
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 10/14/2024 | Added: 10/14/2024 | Modified: 01/28/2025
Description: Deprecated
Solution(s): none listed
-
Alpine Linux: CVE-2022-45703: Out-of-bounds Write
Severity: 7
CVSS: AV:L/AC:M/Au:N/C:C/I:C/A:C
Published: 08/22/2023 | Created: 03/22/2024 | Added: 03/21/2024 | Modified: 03/22/2024
Description: Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
Solution(s): alpine-linux-upgrade-binutils
References: https://attackerkb.com/topics/cve-2022-45703, CVE-2022-45703, https://security.alpinelinux.org/vuln/CVE-2022-45703
-
OS X update for Libsystem (CVE-2020-19187)
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 10/14/2024 | Added: 10/14/2024 | Modified: 01/28/2025
Description: Deprecated
Solution(s): none listed
-
Amazon Linux 2023: CVE-2020-35357: Medium priority package update for gsl
Severity: 8
CVSS: AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 02/14/2025 | Added: 02/14/2025 | Modified: 02/14/2025
Description: A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution. A stack buffer overflow flaw was found in the gsl package due to a lack of validation of the user-controlled fraction parameter. This issue may allow an attacker to craft malicious input, leading to a segmentation fault and further denial of service. Since the buffer overflow happens when reading data from the input array, it is very unlikely that arbitrary code execution can be achieved using this flaw.
Solution(s): amazon-linux-2023-upgrade-gsl, amazon-linux-2023-upgrade-gsl-debuginfo, amazon-linux-2023-upgrade-gsl-debugsource, amazon-linux-2023-upgrade-gsl-devel
References: https://attackerkb.com/topics/cve-2020-35357, CVE-2020-35357, https://alas.aws.amazon.com/AL2023/ALAS-2023-353.html
-
Red Hat: CVE-2023-30079: Stack overflow in function read_file at libeconf/lib/getfilecontents.c (Multiple Advisories)
Severity: 9
CVSS: AV:N/AC:M/Au:N/C:C/I:C/A:C
Published: 08/22/2023 | Created: 09/05/2023 | Added: 09/05/2023 | Modified: 01/28/2025
Description: Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-22652. Reason: This record is a duplicate of CVE-2023-22652. Notes: All CVE users should reference CVE-2023-22652 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
Solution(s): redhat-upgrade-libeconf, redhat-upgrade-libeconf-debuginfo, redhat-upgrade-libeconf-debugsource, redhat-upgrade-libeconf-utils-debuginfo
References: CVE-2023-30079, RHSA-2023:4347, RHSA-2023:5458
-
Red Hat: CVE-2022-48174: Important: busybox security update (RHSA-2023:5178)
Severity: 10
CVSS: AV:N/AC:L/Au:N/C:C/I:C/A:C
Published: 08/22/2023 | Created: 09/20/2023 | Added: 09/19/2023 | Modified: 01/28/2025
Description: There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In an Internet of Vehicles environment, this vulnerability can be escalated from command execution to arbitrary code execution.
Solution(s): redhat-upgrade-busybox, redhat-upgrade-busybox-petitboot
References: CVE-2022-48174
-
Alma Linux: CVE-2021-29390: Moderate: libjpeg-turbo security update (ALSA-2024-2295)
Severity: 8
CVSS: AV:N/AC:M/Au:N/C:P/I:N/A:C
Published: 08/22/2023 | Created: 05/08/2024 | Added: 05/08/2024 | Modified: 01/28/2025
Description: libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.
Solution(s): alma-upgrade-libjpeg-turbo, alma-upgrade-libjpeg-turbo-devel, alma-upgrade-libjpeg-turbo-utils, alma-upgrade-turbojpeg, alma-upgrade-turbojpeg-devel
References: https://attackerkb.com/topics/cve-2021-29390, CVE-2021-29390, https://errata.almalinux.org/9/ALSA-2024-2295.html
-
OS X update for Emoji (CVE-2020-19187)
Severity: 7
CVSS: AV:N/AC:M/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 10/14/2024 | Added: 10/14/2024 | Modified: 01/28/2025
Description: Deprecated
Solution(s): none listed
-
Red Hat: CVE-2022-48564: python: DoS when processing malformed Apple Property List files in binary format (Multiple Advisories)
Severity: 8
CVSS: AV:N/AC:L/Au:N/C:N/I:N/A:C
Published: 08/22/2023 | Created: 01/12/2024 | Added: 01/11/2024 | Modified: 01/31/2024
Description: read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.
Solution(s): redhat-upgrade-platform-python, redhat-upgrade-platform-python-debug, redhat-upgrade-platform-python-devel, redhat-upgrade-python3-debuginfo, redhat-upgrade-python3-debugsource, redhat-upgrade-python3-idle, redhat-upgrade-python3-libs, redhat-upgrade-python3-test, redhat-upgrade-python3-tkinter
References: CVE-2022-48564, RHSA-2024:0114, RHSA-2024:0430, RHSA-2024:0586
-
Gentoo Linux: CVE-2023-32002: Node.js: Multiple Vulnerabilities
Severity: 10
CVSS: AV:N/AC:L/Au:N/C:C/I:C/A:C
Published: 08/21/2023 | Created: 05/10/2024 | Added: 05/10/2024 | Modified: 01/28/2025
Description: The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.
Solution(s): gentoo-linux-upgrade-net-libs-nodejs
References: https://attackerkb.com/topics/cve-2023-32002, CVE-2023-32002, 202405-29
-
Amazon Linux AMI 2: CVE-2022-46751: Security patch for apache-ivy (ALAS-2023-2302)
Severity: 9
CVSS: AV:N/AC:L/Au:N/C:C/I:N/A:P
Published: 08/21/2023 | Created: 10/24/2023 | Added: 10/23/2023 | Modified: 01/30/2025
Description: Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy. This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files (its own configuration, Ivy files or Apache Maven POMs) it will allow downloading external document type definitions and expand any entity references contained therein when used. This can be used to exfiltrate data, access resources only the machine running Ivy has access to, or disturb the execution of Ivy in different ways. Starting with Ivy 2.5.2, DTD processing is disabled by default except when parsing Maven POMs, where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be made more lenient via newly introduced system properties where needed. Users of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs; see the section about "JAXP Properties for External Access restrictions" inside Oracle's "Java API for XML Processing (JAXP) Security Guide".
Solution(s): amazon-linux-ami-2-upgrade-apache-ivy, amazon-linux-ami-2-upgrade-apache-ivy-javadoc
References: https://attackerkb.com/topics/cve-2022-46751, AL2/ALAS-2023-2302, CVE-2022-46751
-
SUSE: CVE-2023-4459: SUSE Linux Security Advisory
Severity: 5
CVSS: AV:L/AC:L/Au:S/C:N/I:N/A:C
Published: 08/21/2023 | Created: 09/15/2023 | Added: 09/15/2023 | Modified: 01/28/2025
Description: A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.
Solution(s): suse-upgrade-cluster-md-kmp-64kb, suse-upgrade-cluster-md-kmp-azure, suse-upgrade-cluster-md-kmp-default, suse-upgrade-cluster-md-kmp-rt, suse-upgrade-dlm-kmp-64kb, suse-upgrade-dlm-kmp-azure, suse-upgrade-dlm-kmp-default, suse-upgrade-dlm-kmp-rt, suse-upgrade-dtb-al, suse-upgrade-dtb-allwinner, suse-upgrade-dtb-altera, suse-upgrade-dtb-amazon, suse-upgrade-dtb-amd, suse-upgrade-dtb-amlogic, suse-upgrade-dtb-apm, suse-upgrade-dtb-apple, suse-upgrade-dtb-arm, suse-upgrade-dtb-broadcom, suse-upgrade-dtb-cavium, suse-upgrade-dtb-exynos, suse-upgrade-dtb-freescale, suse-upgrade-dtb-hisilicon, suse-upgrade-dtb-lg, suse-upgrade-dtb-marvell, suse-upgrade-dtb-mediatek, suse-upgrade-dtb-nvidia, suse-upgrade-dtb-qcom, suse-upgrade-dtb-renesas, suse-upgrade-dtb-rockchip, suse-upgrade-dtb-socionext, suse-upgrade-dtb-sprd, suse-upgrade-dtb-xilinx, suse-upgrade-dtb-zte, suse-upgrade-gfs2-kmp-64kb, suse-upgrade-gfs2-kmp-azure, suse-upgrade-gfs2-kmp-default, suse-upgrade-gfs2-kmp-rt, suse-upgrade-kernel-64kb, suse-upgrade-kernel-64kb-devel, suse-upgrade-kernel-64kb-extra, suse-upgrade-kernel-64kb-livepatch-devel, suse-upgrade-kernel-64kb-optional, suse-upgrade-kernel-azure, suse-upgrade-kernel-azure-base, suse-upgrade-kernel-azure-devel, suse-upgrade-kernel-azure-extra, suse-upgrade-kernel-azure-livepatch-devel, suse-upgrade-kernel-azure-optional, suse-upgrade-kernel-azure-vdso, suse-upgrade-kernel-debug, suse-upgrade-kernel-debug-base, suse-upgrade-kernel-debug-devel, suse-upgrade-kernel-debug-livepatch-devel, suse-upgrade-kernel-debug-vdso, suse-upgrade-kernel-default, suse-upgrade-kernel-default-base, suse-upgrade-kernel-default-base-rebuild, suse-upgrade-kernel-default-devel, suse-upgrade-kernel-default-extra, suse-upgrade-kernel-default-livepatch, suse-upgrade-kernel-default-livepatch-devel, suse-upgrade-kernel-default-man, suse-upgrade-kernel-default-optional, suse-upgrade-kernel-default-vdso, suse-upgrade-kernel-devel, suse-upgrade-kernel-devel-azure, suse-upgrade-kernel-devel-rt, suse-upgrade-kernel-docs, suse-upgrade-kernel-docs-html, suse-upgrade-kernel-ec2, suse-upgrade-kernel-ec2-base, suse-upgrade-kernel-ec2-devel, suse-upgrade-kernel-kvmsmall, suse-upgrade-kernel-kvmsmall-base, suse-upgrade-kernel-kvmsmall-devel, suse-upgrade-kernel-kvmsmall-livepatch-devel, suse-upgrade-kernel-kvmsmall-vdso, suse-upgrade-kernel-macros, suse-upgrade-kernel-obs-build, suse-upgrade-kernel-obs-qa, suse-upgrade-kernel-preempt, suse-upgrade-kernel-preempt-devel, suse-upgrade-kernel-rt, suse-upgrade-kernel-rt-devel, suse-upgrade-kernel-rt-extra, suse-upgrade-kernel-rt-livepatch, suse-upgrade-kernel-rt-livepatch-devel, suse-upgrade-kernel-rt-optional, suse-upgrade-kernel-rt-vdso, suse-upgrade-kernel-rt_debug, suse-upgrade-kernel-rt_debug-devel, suse-upgrade-kernel-rt_debug-livepatch-devel, suse-upgrade-kernel-rt_debug-vdso, suse-upgrade-kernel-source, suse-upgrade-kernel-source-azure, suse-upgrade-kernel-source-rt, suse-upgrade-kernel-source-vanilla, suse-upgrade-kernel-syms, suse-upgrade-kernel-syms-azure, suse-upgrade-kernel-syms-rt, suse-upgrade-kernel-trace, suse-upgrade-kernel-trace-base, suse-upgrade-kernel-trace-devel, suse-upgrade-kernel-vanilla, suse-upgrade-kernel-vanilla-base, suse-upgrade-kernel-vanilla-devel, suse-upgrade-kernel-vanilla-livepatch-devel, suse-upgrade-kernel-xen, suse-upgrade-kernel-xen-base, suse-upgrade-kernel-xen-devel, suse-upgrade-kernel-zfcpdump, suse-upgrade-kernel-zfcpdump-man, suse-upgrade-kselftests-kmp-64kb, suse-upgrade-kselftests-kmp-azure, suse-upgrade-kselftests-kmp-default, suse-upgrade-kselftests-kmp-rt, suse-upgrade-ocfs2-kmp-64kb, suse-upgrade-ocfs2-kmp-azure, suse-upgrade-ocfs2-kmp-default, suse-upgrade-ocfs2-kmp-rt, suse-upgrade-reiserfs-kmp-64kb, suse-upgrade-reiserfs-kmp-azure, suse-upgrade-reiserfs-kmp-default, suse-upgrade-reiserfs-kmp-rt
References: https://attackerkb.com/topics/cve-2023-4459, CVE-2023-4459