GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idnatounicode_internal. The affected code is not present in libidn2.
{ "binaries": [ { "binary_name": "idn", "binary_version": "1.28-1ubuntu2.2" }, { "binary_name": "libidn11", "binary_version": "1.28-1ubuntu2.2" }, { "binary_name": "libidn11-java", "binary_version": "1.28-1ubuntu2.2" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-57053.json"
{ "binaries": [ { "binary_name": "idn", "binary_version": "1.32-3ubuntu1.2" }, { "binary_name": "libidn11", "binary_version": "1.32-3ubuntu1.2" }, { "binary_name": "libidn11-java", "binary_version": "1.32-3ubuntu1.2" } ] }
{ "binaries": [ { "binary_name": "idn", "binary_version": "1.33-2.1ubuntu1.2" }, { "binary_name": "libidn11", "binary_version": "1.33-2.1ubuntu1.2" }, { "binary_name": "libidn11-java", "binary_version": "1.33-2.1ubuntu1.2" } ] }
{ "binaries": [ { "binary_name": "idn", "binary_version": "1.33-2.2ubuntu2" }, { "binary_name": "libidn11", "binary_version": "1.33-2.2ubuntu2" }, { "binary_name": "libidn11-java", "binary_version": "1.33-2.2ubuntu2" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "idn", "binary_version": "1.38-4ubuntu1.1" }, { "binary_name": "libidn12", "binary_version": "1.38-4ubuntu1.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "idn", "binary_version": "1.42-1ubuntu0.1" }, { "binary_name": "libidn12", "binary_version": "1.42-1ubuntu0.1" } ] }
{ "binaries": [ { "binary_name": "idn", "binary_version": "1.43-2" }, { "binary_name": "libidn12", "binary_version": "1.43-2" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "idn", "binary_version": "1.43-2ubuntu0.26.04.1" }, { "binary_name": "libidn12", "binary_version": "1.43-2ubuntu0.26.04.1" } ] }