Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libidn
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-09-07 | CVE-2015-8948 | idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read. | Ubuntu_linux, Libidn, Leap, Opensuse | 7.5 | ||
| 2016-09-07 | CVE-2016-6261 | The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input. | Ubuntu_linux, Libidn, Leap | 7.5 | ||
| 2016-09-07 | CVE-2016-6262 | idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read, a different vulnerability than CVE-2015-8948. | Ubuntu_linux, Libidn, Leap, Opensuse | 7.5 | ||
| 2016-09-07 | CVE-2016-6263 | The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data. | Libidn | 7.5 | ||
| 2015-08-12 | CVE-2015-2059 | The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read. | Fedora, Libidn, Opensuse | N/A |