Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

51 – 60 of 88 results

CVE-2018-20843

Low priority

Some fixes available 22 of 116

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable...

32 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Needs evaluation Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Needs evaluation
cableswig Not in release Not in release Not in release Not in release Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Vulnerable Vulnerable
expat Fixed Fixed Fixed Fixed Fixed
firefox Not affected Not affected Not affected Not affected Not affected
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Needs evaluation
insighttoolkit4 Not in release Not affected Not affected Not affected Vulnerable
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Vulnerable Fixed Fixed Fixed Fixed
matanza Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
poco Not affected Not affected Not affected Not affected Not affected
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Vulnerable Vulnerable
vtk Not in release Not in release Not in release Not in release Fixed
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 32 packages Show less packages

CVE-2019-11323

Medium priority
Not affected

HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. This is related to an include/types/ssl_sock.h error.

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Not affected Not affected
Show less packages

CVE-2018-20615

Medium priority
Fixed

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-20103

Medium priority
Fixed

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-20102

Medium priority
Fixed

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Fixed
Show less packages

CVE-2018-14645

Medium priority
Fixed

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-11469

Medium priority
Fixed

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Fixed Not affected
Show less packages

CVE-2018-10184

Medium priority
Not affected

An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not...

1 affected packages

haproxy

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
haproxy Not affected Not affected
Show less packages

CVE-2017-12618

Low priority

Some fixes available 2 of 4

Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to...

1 affected packages

apr-util

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apr-util Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-12613

Low priority

Some fixes available 2 of 4

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t...

1 affected packages

apr

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apr Not affected Not affected Not affected Fixed
Show less packages
  1. Previous page
  2. 4
  3. 5
  4. 6
  5. 7
  6. 8
  7. Next page
Export to JSON