Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 1262 results


CVE-2024-53859

Medium priority
Needs evaluation

go-gh is a Go module for interacting with the `gh` utility and the GitHub API from the command line. A security vulnerability has been identified in `go-gh` that could leak authentication tokens intended for GitHub hosts...

1 affected packages

golang-github-cli-go-gh-v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-cli-go-gh-v2 Needs evaluation Not in release Not in release
Show less packages

CVE-2024-51744

Medium priority
Needs evaluation

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if...

2 affected packages

golang-github-golang-jwt-jwt, golang-github-golang-jwt-jwt-v5

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-golang-jwt-jwt Needs evaluation Needs evaluation Not in release
golang-github-golang-jwt-jwt-v5 Needs evaluation Not in release Not in release
Show less packages

CVE-2024-8312

Medium priority
Ignored

An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. An attacker could inject HTML into the Global Search field on a diff view leading to XSS.

1 affected packages

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gitlab Not in release Not in release Not in release Ignored
Show less packages

CVE-2024-6826

Medium priority
Ignored

An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. A denial of service could occur via importing a malicious crafted XML manifest file.

1 affected packages

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gitlab Not in release Not in release Not in release Ignored
Show less packages

CVE-2024-44337

Medium priority
Needs evaluation

The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with...

1 affected packages

golang-github-gomarkdown-markdown

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-gomarkdown-markdown Needs evaluation Not in release Not in release
Show less packages

CVE-2024-9164

Medium priority
Ignored

An issue was discovered in GitLab EE affecting all versions starting from 12.5 prior to 17.2.9, starting from 17.3, prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows running pipelines on arbitrary branches.

1 affected packages

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gitlab Not in release Not in release Not in release Ignored
Show less packages

CVE-2024-8970

Medium priority
Ignored

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as...

1 affected packages

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gitlab Not in release Not in release Not in release Ignored
Show less packages

CVE-2024-5005

Medium priority
Ignored

An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for...

1 affected packages

gitlab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gitlab Not in release Not in release Not in release Ignored
Show less packages

CVE-2024-36051

Medium priority
Needs evaluation

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-38365. Reason: This record is a duplicate of CVE-2024-38365. Notes: All CVE users should reference CVE-2024-38365 instead of this record. All references...

2 affected packages

golang-github-btcsuite-btcd-btcec, golang-github-btcsuite-btcd-chaincfg-chainhash

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-btcsuite-btcd-btcec Needs evaluation Needs evaluation Needs evaluation Needs evaluation
golang-github-btcsuite-btcd-chaincfg-chainhash Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-9341

Medium priority
Needs evaluation

A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit...

1 affected packages

golang-github-containers-common

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
golang-github-containers-common Needs evaluation Needs evaluation Not in release
Show less packages