cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-12290,https://securityvulnerability.io/vulnerability/CVE-2019-12290,Impersonation Vulnerability in GNU libidn2 Affects Domain Name Conversion,"A vulnerability in GNU libidn2 prior to version 2.2.0 allows attackers to impersonate arbitrary domains. This is achieved through insufficient validation checks during the conversion process from A-labels to U-labels as outlined in RFC3490 Section 4.2. By leveraging punycoded Unicode characters, an attacker can craft a malicious domain that appears similar to a legitimate domain. When these domains undergo the conversion process to Unicode labels and back to ASCII, certain characters may be discarded, facilitating the impersonation without triggering security measures.",Gnu,Libidn2,7.5,HIGH,0.006070000119507313,false,,false,false,false,,,false,false,,2019-10-22T15:14:06.000Z,0
CVE-2019-18224,https://securityvulnerability.io/vulnerability/CVE-2019-18224,Heap-Based Buffer Overflow in GNU libidn2 Affects Multiple Linux Distributions,"The GNU libidn2 library before version 2.1.1 is susceptible to a heap-based buffer overflow due to improper handling of excessively long domain strings in the idn2_to_ascii_4i function within lib/lookup.c. This flaw can lead to unexpected behavior, including potential crashes or execution of arbitrary code, making it essential for users of this library to upgrade to the latest version to remedy the vulnerability and secure their environments.",Gnu,Libidn2,9.8,CRITICAL,0.008910000324249268,false,,false,false,false,,,false,false,,2019-10-21T16:21:46.000Z,0
CVE-2017-14061,https://securityvulnerability.io/vulnerability/CVE-2017-14061,,Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.,Gnu,Libidn2,9.8,CRITICAL,0.004220000002533197,false,,false,false,false,,,false,false,,2017-08-31T16:29:00.000Z,0
CVE-2017-14062,https://securityvulnerability.io/vulnerability/CVE-2017-14062,,Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.,Gnu,Libidn2,9.8,CRITICAL,0.004730000160634518,false,,false,false,false,,,false,false,,2017-08-31T16:00:00.000Z,0