Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2019-12290

Medium priority

Some fixes available 2 of 4

GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating...

2 affected packages

libidn2, libidn2-0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libidn2 Not affected Not affected Not affected Fixed Not in release
libidn2-0 Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2019-18224

Medium priority

Some fixes available 2 of 4

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.

2 affected packages

libidn2, libidn2-0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libidn2 Not affected Not affected Not affected Fixed Not in release
libidn2-0 Not in release Not in release Not in release Not in release Vulnerable
Show less packages

CVE-2017-14061

Medium priority
Not affected

Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

2 affected packages

libidn, libidn2-0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libidn Not affected
libidn2-0 Not affected
Show less packages

CVE-2017-14062

Medium priority
Fixed

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

3 affected packages

libidn, libidn2, libidn2-0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libidn Not affected Not affected Not affected Fixed
libidn2 Not affected Not affected Not affected Not in release
libidn2-0 Not in release Not in release Not in release Fixed
Show less packages