Search CVE reports
1 – 10 of 40688 results
(Observable Timing Discrepancy vulnerability when comparing AJP secret i ...)
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Vulnerable |
| tomcat10 | — |
| tomcat11 | — |
(Improper Handling of Case Sensitivity vulnerability in LockOutRealm in ...)
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Vulnerable |
| tomcat10 | — |
| tomcat11 | — |
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.
1 affected package
golang-golang-x-image
| Package | 20.04 LTS |
|---|---|
| golang-golang-x-image | Needs evaluation |
[Unknown description]
1 affected package
apache-directory-api
| Package | 20.04 LTS |
|---|---|
| apache-directory-api | Needs evaluation |
(A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the ...)
1 affected package
dcmtk
| Package | 20.04 LTS |
|---|---|
| dcmtk | Needs evaluation |
(A NULL pointer dereference in GPAC MP4Box: when parsing certain trunca ...)
1 affected package
gpac
| Package | 20.04 LTS |
|---|---|
| gpac | Needs evaluation |
An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to admin by chaining unrestricted...
1 affected package
keystone
| Package | 20.04 LTS |
|---|---|
| keystone | Needs evaluation |
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionally merges the raw JSON request body into the policy enforcement dictionary...
1 affected package
keystone
| Package | 20.04 LTS |
|---|---|
| keystone | Needs evaluation |
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the owner of the...
1 affected package
keystone
| Package | 20.04 LTS |
|---|---|
| keystone | Needs evaluation |
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in...
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |