Veracode Vulnerability DatabaseVERACODE:21065Authorization Bypass
0.001 Low
EPSS
Percentile
22.9%
glibc is vulnerable to authorization bypass. Successful parsing of strings containing an IPv4 address appended with whitespace and arbitrary characters causes applications using glibc to parse incorrectly validated strings. This can potentially lead to circumvention of validation and authorization bypass.
References
lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
www.securityfocus.com/bid/106672
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
access.redhat.com/errata/RHSA-2019:2118
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1039304
bugzilla.redhat.com/show_bug.cgi?id=1347549
bugzilla.redhat.com/show_bug.cgi?id=1443872
bugzilla.redhat.com/show_bug.cgi?id=1488370
bugzilla.redhat.com/show_bug.cgi?id=1555189
bugzilla.redhat.com/show_bug.cgi?id=1579354
bugzilla.redhat.com/show_bug.cgi?id=1579730
bugzilla.redhat.com/show_bug.cgi?id=1579739
bugzilla.redhat.com/show_bug.cgi?id=1591268
bugzilla.redhat.com/show_bug.cgi?id=1592475
bugzilla.redhat.com/show_bug.cgi?id=1595191
bugzilla.redhat.com/show_bug.cgi?id=1609067
bugzilla.redhat.com/show_bug.cgi?id=1640764
bugzilla.redhat.com/show_bug.cgi?id=1641981
bugzilla.redhat.com/show_bug.cgi?id=1646373
bugzilla.redhat.com/show_bug.cgi?id=1647490
bugzilla.redhat.com/show_bug.cgi?id=1661508
bugzilla.redhat.com/show_bug.cgi?id=1662842
bugzilla.redhat.com/show_bug.cgi?id=1684874
sourceware.org/bugzilla/show_bug.cgi?id=20018
Related
