Search CVE reports
251 – 260 of 42294 results
jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack...
1 affected package
jq
| Package | 20.04 LTS |
|---|---|
| jq | Needs evaluation |
X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compatibility certificate verifier (wolfSSL_X509_verify_cert()). This affects only builds with --enable-opensslextra whose application calls X509_verify_cert() with...
1 affected package
wolfssl
| Package | 20.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply...
1 affected package
socat
| Package | 20.04 LTS |
|---|---|
| socat | Needs evaluation |
Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed function and class definitions from...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Vulnerable |
Vim is an open source, command line text editor. Prior to 9.2.0698, the single-byte branch of spell_soundfold_sofo() in src/spell.c translates a word through a spell file's SOFO (sound-folding) byte map into a caller-owned result...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Vulnerable |
Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Not affected |
Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse, read, extract, update or delete entries in a zip archive, it builds...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Not affected |
Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xchacha20poly1305, requires the +sodium feature) whose body is shorter than a single...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Not affected |
Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop_T entries that...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Not affected |
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Node#do_xinclude replaced each <xi:include> in place, freeing the include node...
1 affected package
ruby-nokogiri
| Package | 20.04 LTS |
|---|---|
| ruby-nokogiri | Needs evaluation |