Vulnerabilities > GNU > Libidn2 > 2.0.2

DATE CVE VULNERABILITY TITLE RISK
2019-10-22 CVE-2019-12290 Improper Input Validation vulnerability in GNU Libidn2
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels.
network
low complexity
gnu CWE-20
7.5
7.5
2019-10-21 CVE-2019-18224 Out-of-bounds Write vulnerability in GNU Libidn2
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
network
low complexity
gnu CWE-787
critical
 9.8
9.8
2017-08-31 CVE-2017-14062 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
network
low complexity
gnu debian CWE-190
7.5
7.5
2017-08-31 CVE-2017-14061 Integer Overflow or Wraparound vulnerability in GNU Libidn2
Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.
network
low complexity
gnu CWE-190
7.5
7.5