libidn (SUSE:Linux Enterprise Software Development Kit 12 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP1 package libidn, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2015-2059 — CVSS 7.5 (high): The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory…
CVE-2015-8948 — CVSS 7.5 (high): idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which…
CVE-2016-6261 — CVSS 7.5 (high): The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service…
CVE-2016-6262 — CVSS 7.5 (high): idn in libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which…
CVE-2016-6263 — CVSS 7.5 (high): The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of…