Search CVE reports
21 – 30 of 1764 results
Some fixes available 2 of 3
Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.
1 affected package
pydantic
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pydantic | Not affected | Not affected | Fixed | Fixed | — |
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML...
1 affected package
libowasp-antisamy-java
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libowasp-antisamy-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of...
1 affected package
libowasp-antisamy-java
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libowasp-antisamy-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Server-Side Request Forgery (SSRF) in GitHub repository plantuml/plantuml prior to 1.2023.9.
1 affected package
plantuml
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| plantuml | — | Not affected | Not affected | Not affected | Not affected |
Improper Access Control in GitHub repository plantuml/plantuml prior to 1.2023.9.
1 affected package
plantuml
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| plantuml | — | Ignored | Ignored | Not affected | Not affected |
Some fixes available 8 of 10
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.
72 affected packages
linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux, linux-aws...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| linux-aws-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux | — | Not affected | Not affected | Not affected | Not affected |
| linux-aws | — | Not affected | Not affected | Not affected | Not affected |
| linux-aws-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-aws-hwe | — | Not in release | Not in release | Not in release | Not in release |
| linux-azure | — | Not affected | Not affected | Not affected | Not affected |
| linux-azure-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-fde | — | Not affected | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | — | Not in release | Not in release | Not affected | Not in release |
| linux-euclid | — | — | — | — | Not in release |
| linux-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-flo | — | — | — | — | Not in release |
| linux-gcp | — | Not affected | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gke | — | Not affected | Not affected | Ignored | Not in release |
| linux-gkeop | — | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-goldfish | — | — | — | — | Not in release |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-ibm | — | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-ibm-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-intel | — | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-iot | — | Not in release | Not in release | Not affected | Not in release |
| linux-kvm | — | Not in release | Not affected | Not affected | Not affected |
| linux-lowlatency | — | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not in release |
| linux-manta | — | — | — | — | Not in release |
| linux-nvidia | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | — | Not affected | Not in release | Not in release | Not in release |
| linux-oem | — | Not in release | Not in release | Not in release | Not affected |
| linux-oem-6.8 | — | Not affected | Not in release | Not in release | Not in release |
| linux-oracle | — | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-raspi | — | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | — | Not affected | Not in release | Not in release | Not in release |
| linux-raspi2 | — | Not in release | Not in release | Ignored | Not affected |
| linux-realtime | — | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | — | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-snapdragon | — | Not in release | Not in release | Not in release | Not affected |
| linux-xilinx-zynqmp | — | Not in release | Not affected | Not affected | Not in release |
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary...
1 affected package
exuberant-ctags
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| exuberant-ctags | — | — | Fixed | Fixed | Fixed |
An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host...
1 affected package
vagrant
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| vagrant | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
18 affected packages
linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | — |
| linux-armadaxp | — | — | — | — | — |
| linux-ec2 | — | — | — | — | — |
| linux-flo | — | — | — | — | — |
| linux-fsl-imx51 | — | — | — | — | — |
| linux-goldfish | — | — | — | — | — |
| linux-grouper | — | — | — | — | — |
| linux-lts-backport-maverick | — | — | — | — | — |
| linux-lts-backport-natty | — | — | — | — | — |
| linux-lts-backport-oneiric | — | — | — | — | — |
| linux-lts-quantal | — | — | — | — | — |
| linux-lts-raring | — | — | — | — | — |
| linux-lts-saucy | — | — | — | — | — |
| linux-maguro | — | — | — | — | — |
| linux-mako | — | — | — | — | — |
| linux-manta | — | — | — | — | — |
| linux-mvl-dove | — | — | — | — | — |
| linux-ti-omap4 | — | — | — | — | — |
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery...
1 affected package
plantuml
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| plantuml | — | Not affected | Not affected | Not affected | Not affected |