Search CVE reports
41 – 50 of 42559 results
[Unknown description]
1 affected package
libsereal-encoder-perl
| Package | 18.04 LTS |
|---|---|
| libsereal-encoder-perl | Needs evaluation |
[Unknown description]
1 affected package
libsereal-encoder-perl
| Package | 18.04 LTS |
|---|---|
| libsereal-encoder-perl | Needs evaluation |
A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image....
1 affected package
gdk-pixbuf
| Package | 18.04 LTS |
|---|---|
| gdk-pixbuf | Needs evaluation |
OpenStack Glance <29.1.1, >=30.0.0 <30.1.1, ==31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only...
1 affected package
glance
| Package | 18.04 LTS |
|---|---|
| glance | Needs evaluation |
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer...
1 affected package
python-cryptography
| Package | 18.04 LTS |
|---|---|
| python-cryptography | Needs evaluation |
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
2 affected packages
docker.io, docker.io-app
| Package | 18.04 LTS |
|---|---|
| docker.io | Needs evaluation |
| docker.io-app | — |
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's...
2 affected packages
docker.io, docker.io-app
| Package | 18.04 LTS |
|---|---|
| docker.io | Needs evaluation |
| docker.io-app | — |
[Whitespace padding in filenames bypasses file upload extension checks]
1 affected package
modsecurity-crs
| Package | 18.04 LTS |
|---|---|
| modsecurity-crs | Needs evaluation |
Botan is a C++ cryptography library. Prior to version 3.11.0, during processing of an X.509 certificate path using name constraints which restrict the set of allowable DNS names, if no subject alternative name is defined in the...
3 affected packages
botan, botan1.10, botan3
| Package | 18.04 LTS |
|---|---|
| botan | Needs evaluation |
| botan1.10 | Needs evaluation |
| botan3 | — |
Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP...
3 affected packages
botan, botan1.10, botan3
| Package | 18.04 LTS |
|---|---|
| botan | Needs evaluation |
| botan1.10 | Needs evaluation |
| botan3 | — |