Search CVE reports
4801 – 4810 of 61333 results
Some fixes available 11 of 13
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the...
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.
2 affected packages
libsoup3, libsoup2.4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libsoup3 | Fixed | Fixed | Not in release | — |
| libsoup2.4 | Fixed | Fixed | Fixed | Fixed |
Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2.
1 affected package
giflib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| giflib | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the...
1 affected package
assimp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| assimp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler....
1 affected package
assimp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| assimp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side...
1 affected package
perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | Fixed | Fixed | Not affected | Not affected |
Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where...
1 affected package
libcrypt-cbc-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcrypt-cbc-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.
1 affected package
mediawiki
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mediawiki | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 1 of 16
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkitgtk | Not in release | Not in release | Not in release | Ignored |
| webkit2gtk | Not affected | Fixed | Ignored | Ignored |
| qtwebkit-source | Not in release | Not in release | Not in release | Ignored |
| qtwebkit-opensource-src | Ignored | Ignored | Ignored | Ignored |
| wpewebkit | Not in release | Ignored | Ignored | — |
Some fixes available 1 of 16
Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling.
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| webkitgtk | Not in release | Not in release | Not in release | Ignored |
| webkit2gtk | Not affected | Fixed | Ignored | Ignored |
| qtwebkit-source | Not in release | Not in release | Not in release | Ignored |
| qtwebkit-opensource-src | Ignored | Ignored | Ignored | Ignored |
| wpewebkit | Not in release | Ignored | Ignored | — |