Search CVE reports
1 – 10 of 36612 results
(A weakness has been identified in libssh up to 0.11.3. The impacted el ...)
1 affected package
libssh
| Package | 22.04 LTS |
|---|---|
| libssh | Needs evaluation |
A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height...
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 22.04 LTS |
|---|---|
| libpng | Not in release |
| libpng1.6 | Needs evaluation |
| firefox | Not affected |
| thunderbird | Not affected |
| chromium-browser | Not affected |
A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic...
1 affected package
dropbear
| Package | 22.04 LTS |
|---|---|
| dropbear | Needs evaluation |
[Unknown description]
2 affected packages
libsoup2.4, libsoup3
| Package | 22.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | Needs evaluation |
[Unknown description]
2 affected packages
libsoup2.4, libsoup3
| Package | 22.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | Needs evaluation |
[Unknown description]
2 affected packages
libsoup2.4, libsoup3
| Package | 22.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | Needs evaluation |
Not in release
Caddy is an extensible server platform that uses TLS by default. From version 2.7.5 to before version 2.11.2, the vars_regexp matcher in vars.go:337 double-expands user-controlled input through the Caddy replacer. When vars_regexp...
1 affected package
caddy
| Package | 22.04 LTS |
|---|---|
| caddy | Not in release |
Not in release
Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation....
1 affected package
caddy
| Package | 22.04 LTS |
|---|---|
| caddy | Not in release |
league/commonmark is a PHP Markdown parser. Prior to version 2.8.1, the DisallowedRawHtml extension can be bypassed by inserting a newline, tab, or other ASCII whitespace character between a disallowed HTML tag name and...
1 affected package
php-league-commonmark
| Package | 22.04 LTS |
|---|---|
| php-league-commonmark | Needs evaluation |
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a drive-relative link target such as C:../target.txt, which...
1 affected package
node-tar
| Package | 22.04 LTS |
|---|---|
| node-tar | Needs evaluation |