{"id":"MGASA-2019-0416","summary":"Updated libidn2 packages fix security vulnerabilities","details":"Updated libidn2 packages fix security vulnerabilities:\n\nIt was discovered that Libidn2 incorrectly handled certain inputs.\nA attacker could possibly use this issue to impersonate domains\n(CVE-2019-12290).\n\nIt was discovered that Libidn2 incorrectly handled certain inputs.\nAn attacker could possibly use this issue to execute arbitrary code\n(CVE-2019-18224).\n","modified":"2026-01-30T20:45:59.724351Z","published":"2019-12-31T16:51:17Z","related":["CVE-2019-12290","CVE-2019-18224"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0416.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25652"},{"type":"REPORT","url":"https://usn.ubuntu.com/4168-1/"}],"affected":[{"package":{"name":"libidn2","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/libidn2?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.0-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0416.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}