dockerhub.hi.inet evolved 5g certification infolysisnetapp infolysisnetapp

Evolved5G edited this page Nov 21, 2023 · 3 revisions

Scan of image: dockerhub.hi.inet/evolved-5g/certification/infolysisnetapp/infolysisnetapp


Summary

Severity Number of vulnerabilities
HIGH 41
MEDIUM 443
LOW 177

Vulnerabilities

Severity ID Title PkgName InstalledVersion FixedVersion
HIGH CVE-2022-25235 Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
HIGH CVE-2022-25236 prefix]" attribute values can lead to arbitrary code execution libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
HIGH CVE-2022-3515 libksba: integer overflow may lead to remote code execution libksba8 1.3.5-2 1.3.5-2ubuntu0.18.04.1
HIGH CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands libsasl2-2 2.1.27~101-g0780600+dfsg-3ubuntu2.1 2.1.27~101-g0780600+dfsg-3ubuntu2.4
HIGH CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands libsasl2-modules 2.1.27~101-g0780600+dfsg-3ubuntu2.1 2.1.27~101-g0780600+dfsg-3ubuntu2.4
HIGH CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands libsasl2-modules-db 2.1.27~101-g0780600+dfsg-3ubuntu2.1 2.1.27~101-g0780600+dfsg-3ubuntu2.4
HIGH CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.5
HIGH CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.8
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.11
HIGH CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.5
HIGH CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.8
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.11
HIGH CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7
HIGH CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9
HIGH CVE-2021-3711 SM2 Decryption Buffer Overflow libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13
HIGH CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.15
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
HIGH CVE-2021-33910 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash libsystemd0 237-3ubuntu10.42 237-3ubuntu10.49
HIGH CVE-2021-33910 systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash libudev1 237-3ubuntu10.42 237-3ubuntu10.49
HIGH CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.7
HIGH CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.9
HIGH CVE-2021-3711 SM2 Decryption Buffer Overflow openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13
HIGH CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.15
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
HIGH CVE-2023-46234 browserify-sign: upper bound check issue in dsaVerify leads to a signature forgery attack browserify-sign 4.0.4 4.2.2
HIGH CVE-2020-7746 chart.js: prototype pollution chart.js 1.0.2 2.9.4
HIGH CVE-2023-34104 Regex Injection via Doctype Entities fast-xml-parser 4.2.2 4.2.4
HIGH CVE-2022-25881 Regular Expression Denial of Service (ReDoS) vulnerability http-cache-semantics 3.8.1 4.1.1
HIGH CVE-2016-7103 jquery-ui: cross-site scripting in dialog closeText jquery-ui 1.11.4 >=1.12.0
HIGH CVE-2016-10540 Minimatch is a minimal matching utility that works by converting glob ... minimatch 0.4.0 3.0.2
HIGH CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function minimatch 0.4.0 3.0.5
HIGH NSWG-ECO-118 Regular Expression Denial of Service minimatch 0.4.0 >=3.0.2
HIGH CVE-2016-10540 Minimatch is a minimal matching utility that works by converting glob ... minimatch 1.0.0 3.0.2
HIGH CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function minimatch 1.0.0 3.0.5
HIGH NSWG-ECO-118 Regular Expression Denial of Service minimatch 1.0.0 >=3.0.2
HIGH CVE-2021-3803 inefficient regular expression complexity nth-check 1.0.2 2.0.1
HIGH CVE-2021-3795 semver-regex: inefficient regular expression complexity semver-regex 2.0.0 3.1.3, 4.0.1
HIGH CVE-2023-37920 python-certifi: Removal of e-Tugra root certificate certifi 2021.10.8 2023.7.22
HIGH CVE-2023-0286 X.400 address type confusion in X.509 GeneralName cryptography 38.0.4 39.0.1
HIGH CVE-2023-30798 There MultipartParser usage in Encode's Starlette python framework bef ... starlette 0.16.0 0.25.0
HIGH CVE-2022-40898 remote attackers can cause denial of service via attacker controlled input to wheel cli wheel 0.36.2 0.38.1
MEDIUM CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2021-26690 httpd: mod_session: NULL pointer dereference when parsing Cookie header apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-26691 Heap overflow via a crafted SessionHeader value apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-30641 httpd: Unexpected URL matching with 'MergeSlashes OFF' apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-34798 httpd: NULL pointer dereference via malformed requests apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.18
MEDIUM CVE-2021-44224 possible NULL dereference or SSRF in forward proxy configurations apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2022-22719 parsebody apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-22720 httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-23943 Read/write beyond bounds apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match() apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.25
MEDIUM CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2022-37436 httpd: mod_proxy: HTTP response splitting apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.27
MEDIUM CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2021-26690 httpd: mod_session: NULL pointer dereference when parsing Cookie header apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-26691 Heap overflow via a crafted SessionHeader value apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-30641 httpd: Unexpected URL matching with 'MergeSlashes OFF' apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-34798 httpd: NULL pointer dereference via malformed requests apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.18
MEDIUM CVE-2021-44224 possible NULL dereference or SSRF in forward proxy configurations apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2022-22719 parsebody apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-22720 httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-23943 Read/write beyond bounds apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match() apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.25
MEDIUM CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2022-37436 httpd: mod_proxy: HTTP response splitting apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.27
MEDIUM CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2021-26690 httpd: mod_session: NULL pointer dereference when parsing Cookie header apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-26691 Heap overflow via a crafted SessionHeader value apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-30641 httpd: Unexpected URL matching with 'MergeSlashes OFF' apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-34798 httpd: NULL pointer dereference via malformed requests apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.18
MEDIUM CVE-2021-44224 possible NULL dereference or SSRF in forward proxy configurations apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2022-22719 parsebody apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-22720 httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-23943 Read/write beyond bounds apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match() apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.25
MEDIUM CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2022-37436 httpd: mod_proxy: HTTP response splitting apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.27
MEDIUM CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2021-26690 httpd: mod_session: NULL pointer dereference when parsing Cookie header apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-26691 Heap overflow via a crafted SessionHeader value apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-30641 httpd: Unexpected URL matching with 'MergeSlashes OFF' apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
MEDIUM CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-34798 httpd: NULL pointer dereference via malformed requests apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.17
MEDIUM CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.18
MEDIUM CVE-2021-44224 possible NULL dereference or SSRF in forward proxy configurations apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.21
MEDIUM CVE-2022-22719 parsebody apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-22720 httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-23943 Read/write beyond bounds apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
MEDIUM CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match() apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-30522 httpd: mod_sed: DoS vulnerability apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.25
MEDIUM CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
MEDIUM CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2022-37436 httpd: mod_proxy: HTTP response splitting apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.26
MEDIUM CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.27
MEDIUM CVE-2020-27350 apt: integer overflows and underflows while parsing .deb packages apt 1.6.12ubuntu0.1 1.6.12ubuntu0.2
MEDIUM CVE-2022-23491 untrusted root certificates ca-certificates 20190110~18.04.1 20211016ubuntu0.18.04.1
MEDIUM CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
MEDIUM CVE-2020-8286 curl: Inferior OCSP verification curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
MEDIUM CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.13
MEDIUM CVE-2021-22924 Bad connection reuse due to flawed path name checks curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
MEDIUM CVE-2021-22925 Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
MEDIUM CVE-2021-22946 Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.15
MEDIUM CVE-2021-22947 Server responses received before STARTTLS processed after TLS handshake curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.15
MEDIUM CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
MEDIUM CVE-2022-27774 curl: credential leak on redirect curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
MEDIUM CVE-2022-27782 TLS and SSH connection too eager reuse curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.18
MEDIUM CVE-2022-32206 HTTP compression denial of service curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.19
MEDIUM CVE-2022-32208 FTP-KRB bad message verification curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.19
MEDIUM CVE-2022-32221 POST following PUT confusion curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.21
MEDIUM CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.22
MEDIUM CVE-2023-23916 HTTP multi-header compression denial of service curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.23
MEDIUM CVE-2023-27535 curl: FTP too eager connection reuse curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
MEDIUM CVE-2022-34903 Signature spoofing via status line injection dirmngr 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-1664 Dpkg::Source::Archive in dpkg, the Debian package management system, b ... dpkg 1.19.0.5ubuntu2.3 1.19.0.5ubuntu2.4
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem e2fsprogs 1.44.1-1ubuntu1.3 1.44.1-1ubuntu1.4
MEDIUM CVE-2021-21300 remote code execution during clone operation on case-insensitive filesystems git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.8
MEDIUM CVE-2021-40330 unexpected cross-protocol requests via a repository path containing a newline character git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.9
MEDIUM CVE-2022-23521 git: gitattributes parsing integer overflow git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.15
MEDIUM CVE-2022-24765 git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.11
MEDIUM CVE-2022-29187 git: Bypass of safe.directory protections git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.12
MEDIUM CVE-2022-39253 exposure of sensitive information to a malicious actor git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.13
MEDIUM CVE-2022-39260 git shell function that splits command arguments can lead to arbitrary heap writes. git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.13
MEDIUM CVE-2022-41903 git: Heap overflow in git archive, git log --format leading to RCE git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.15
MEDIUM CVE-2023-22490 git: data exfiltration with maliciously crafted repository git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.16
MEDIUM CVE-2023-23946 git: git apply: a path outside the working tree can be overwritten with crafted input git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.16
MEDIUM CVE-2023-25652 git: by feeding specially crafted input to git apply --reject, a path outside the working tree can git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.18
MEDIUM CVE-2023-25815 git: malicious placement of crafted messages when git was compiled with runtime prefix git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.18
MEDIUM CVE-2023-29007 git: arbitrary configuration injection when renaming or deleting a section from a configuration file git 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.18
MEDIUM CVE-2021-21300 remote code execution during clone operation on case-insensitive filesystems git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.8
MEDIUM CVE-2021-40330 unexpected cross-protocol requests via a repository path containing a newline character git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.9
MEDIUM CVE-2022-23521 git: gitattributes parsing integer overflow git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.15
MEDIUM CVE-2022-24765 git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.11
MEDIUM CVE-2022-29187 git: Bypass of safe.directory protections git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.12
MEDIUM CVE-2022-39253 exposure of sensitive information to a malicious actor git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.13
MEDIUM CVE-2022-39260 git shell function that splits command arguments can lead to arbitrary heap writes. git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.13
MEDIUM CVE-2022-41903 git: Heap overflow in git archive, git log --format leading to RCE git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.15
MEDIUM CVE-2023-22490 git: data exfiltration with maliciously crafted repository git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.16
MEDIUM CVE-2023-23946 git: git apply: a path outside the working tree can be overwritten with crafted input git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.16
MEDIUM CVE-2023-25652 git: by feeding specially crafted input to git apply --reject, a path outside the working tree can git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.18
MEDIUM CVE-2023-25815 git: malicious placement of crafted messages when git was compiled with runtime prefix git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.18
MEDIUM CVE-2023-29007 git: arbitrary configuration injection when renaming or deleting a section from a configuration file git-man 1:2.17.1-1ubuntu0.7 1:2.17.1-1ubuntu0.18
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gnupg 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gnupg-l10n 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gnupg-utils 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpg 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpg-agent 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpg-wks-client 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpg-wks-server 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpgconf 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpgsm 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-34903 Signature spoofing via status line injection gpgv 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.6
MEDIUM CVE-2022-1271 arbitrary-file-write vulnerability gzip 1.6-5ubuntu1 1.6-5ubuntu1.2
MEDIUM CVE-2018-20217 Reachable assertion in the KDC using S4U2Self requests krb5-locales 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may krb5-locales 1.16-2ubuntu0.1 1.16-2ubuntu0.2
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re krb5-locales 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l krb5-locales 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing krb5-locales 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64 libaprutil1 1.6.1-2 1.6.1-2ubuntu0.1
MEDIUM CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64 libaprutil1-dbd-sqlite3 1.6.1-2 1.6.1-2ubuntu0.1
MEDIUM CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64 libaprutil1-ldap 1.6.1-2 1.6.1-2ubuntu0.1
MEDIUM CVE-2020-27350 apt: integer overflows and underflows while parsing .deb packages libapt-pkg5.0 1.6.12ubuntu0.1 1.6.12ubuntu0.2
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2021-3672 c-ares: Missing input validation of host names may lead to domain hijacking libc-ares2 1.14.0-1 1.14.0-1ubuntu0.1
MEDIUM CVE-2022-4904 c-ares: buffer overflow in config_sortlist() due to missing string length check libc-ares2 1.14.0-1 1.14.0-1ubuntu0.2
MEDIUM CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd() libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
MEDIUM CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd() libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem libcom-err2 1.44.1-1ubuntu1.3 1.44.1-1ubuntu1.4
MEDIUM CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
MEDIUM CVE-2020-8286 curl: Inferior OCSP verification libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
MEDIUM CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.13
MEDIUM CVE-2021-22924 Bad connection reuse due to flawed path name checks libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
MEDIUM CVE-2021-22925 Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
MEDIUM CVE-2021-22946 Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.15
MEDIUM CVE-2021-22947 Server responses received before STARTTLS processed after TLS handshake libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.15
MEDIUM CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
MEDIUM CVE-2022-27774 curl: credential leak on redirect libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
MEDIUM CVE-2022-27782 TLS and SSH connection too eager reuse libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.18
MEDIUM CVE-2022-32206 HTTP compression denial of service libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.19
MEDIUM CVE-2022-32208 FTP-KRB bad message verification libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.19
MEDIUM CVE-2022-32221 POST following PUT confusion libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.21
MEDIUM CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.22
MEDIUM CVE-2023-23916 HTTP multi-header compression denial of service libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.23
MEDIUM CVE-2023-27535 curl: FTP too eager connection reuse libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
MEDIUM CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
MEDIUM CVE-2020-8286 curl: Inferior OCSP verification libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
MEDIUM CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.13
MEDIUM CVE-2021-22924 Bad connection reuse due to flawed path name checks libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
MEDIUM CVE-2021-22925 Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
MEDIUM CVE-2021-22946 Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.15
MEDIUM CVE-2021-22947 Server responses received before STARTTLS processed after TLS handshake libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.15
MEDIUM CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
MEDIUM CVE-2022-27774 curl: credential leak on redirect libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
MEDIUM CVE-2022-27782 TLS and SSH connection too eager reuse libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.18
MEDIUM CVE-2022-32206 HTTP compression denial of service libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.19
MEDIUM CVE-2022-32208 FTP-KRB bad message verification libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.19
MEDIUM CVE-2022-32221 POST following PUT confusion libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.21
MEDIUM CVE-2022-43552 curl: Use-after-free triggered by an HTTP proxy deny response libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.22
MEDIUM CVE-2023-23916 HTTP multi-header compression denial of service libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.23
MEDIUM CVE-2023-27535 curl: FTP too eager connection reuse libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
MEDIUM CVE-2021-46143 Integer overflow in doProlog in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-22822 Integer overflow in addBinding in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-22823 Integer overflow in build_model in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-22824 Integer overflow in defineAttribute in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-22825 Integer overflow in lookup in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-22826 Integer overflow in nextScaffoldPart in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-22827 Integer overflow in storeAtts in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-23852 Integer overflow in function XML_GetBuffer libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-23990 integer overflow in the doProlog function libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
MEDIUM CVE-2022-25313 Stack exhaustion in doctype parsing libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.7
MEDIUM CVE-2022-25314 expat: Integer overflow in copyString() libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.7
MEDIUM CVE-2022-25315 Integer overflow in storeRawNames() libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.7
MEDIUM CVE-2022-40674 expat: a use-after-free in the doContent function in xmlparse.c libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.8
MEDIUM CVE-2022-43680 use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.8
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem libext2fs2 1.44.1-1ubuntu1.3 1.44.1-1ubuntu1.4
MEDIUM CVE-2021-40528 ElGamal implementation allows plaintext recovery libgcrypt20 1.8.1-4ubuntu1.2 1.8.1-4ubuntu1.3
MEDIUM CVE-2022-2509 Double free during gnutls_pkcs7_verify libgnutls30 3.5.18-1ubuntu1.4 3.5.18-1ubuntu1.6
MEDIUM CVE-2018-20217 Reachable assertion in the KDC using S4U2Self requests libgssapi-krb5-2 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may libgssapi-krb5-2 1.16-2ubuntu0.1 1.16-2ubuntu0.2
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libgssapi-krb5-2 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libgssapi-krb5-2 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libgssapi-krb5-2 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2021-20305 nettle: Out of bounds memory access in signature verification libhogweed4 3.4-1 3.4-1ubuntu0.1
MEDIUM CVE-2021-3580 Remote crash in RSA decryption via manipulated ciphertext libhogweed4 3.4-1 3.4.1-0ubuntu0.18.04.1
MEDIUM CVE-2020-8287 HTTP request smuggling via two copies of a header field in an http request libhttp-parser2.7.1 2.7.1-2 2.7.1-2ubuntu0.1
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function libjs-underscore 1.8.3~dfsg-1 1.8.3~dfsg-1ubuntu0.1
MEDIUM CVE-2018-20217 Reachable assertion in the KDC using S4U2Self requests libk5crypto3 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may libk5crypto3 1.16-2ubuntu0.1 1.16-2ubuntu0.2
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libk5crypto3 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libk5crypto3 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libk5crypto3 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2018-20217 Reachable assertion in the KDC using S4U2Self requests libkrb5-3 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may libkrb5-3 1.16-2ubuntu0.1 1.16-2ubuntu0.2
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libkrb5-3 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libkrb5-3 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libkrb5-3 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2018-20217 Reachable assertion in the KDC using S4U2Self requests libkrb5support0 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2020-28196 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may libkrb5support0 1.16-2ubuntu0.1 1.16-2ubuntu0.2
MEDIUM CVE-2021-36222 krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re libkrb5support0 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2021-37750 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l libkrb5support0 1.16-2ubuntu0.1 1.16-2ubuntu0.4
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libkrb5support0 1.16-2ubuntu0.1 1.16-2ubuntu0.3
MEDIUM CVE-2022-47629 libksba: integer overflow to code execution libksba8 1.3.5-2 1.3.5-2ubuntu0.18.04.2
MEDIUM CVE-2020-25692 NULL pointer dereference for unauthenticated packet in slapd libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.7
MEDIUM CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.8
MEDIUM CVE-2020-25710 openldap: assertion failure in CSN normalization with invalid input libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.8
MEDIUM CVE-2020-36221 openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36222 openldap: Assertion failure in slapd in the saslAuthzTo validation libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36223 openldap: Out-of-bounds read in Values Return Filter libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36224 openldap: Invalid pointer free in the saslAuthzTo processing libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36225 openldap: Double free in the saslAuthzTo processing libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36226 openldap: Denial of service via length miscalculation in slap_parse_user libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36227 openldap: Infinite loop in slapd with the cancel_extop Cancel operation libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36228 openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36229 openldap: Type confusion in ad_keystring in ad.c libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36230 openldap: Assertion failure in ber_next_element in decode.c libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2021-27212 Assertion failure in slapd in the issuerAndThisUpdateCheck function libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.10
MEDIUM CVE-2022-29155 OpenLDAP SQL injection libldap-2.4-2 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.11
MEDIUM CVE-2020-25692 NULL pointer dereference for unauthenticated packet in slapd libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.7
MEDIUM CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.8
MEDIUM CVE-2020-25710 openldap: assertion failure in CSN normalization with invalid input libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.8
MEDIUM CVE-2020-36221 openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36222 openldap: Assertion failure in slapd in the saslAuthzTo validation libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36223 openldap: Out-of-bounds read in Values Return Filter libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36224 openldap: Invalid pointer free in the saslAuthzTo processing libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36225 openldap: Double free in the saslAuthzTo processing libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36226 openldap: Denial of service via length miscalculation in slap_parse_user libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36227 openldap: Infinite loop in slapd with the cancel_extop Cancel operation libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36228 openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36229 openldap: Type confusion in ad_keystring in ad.c libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2020-36230 openldap: Assertion failure in ber_next_element in decode.c libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.9
MEDIUM CVE-2021-27212 Assertion failure in slapd in the issuerAndThisUpdateCheck function libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.10
MEDIUM CVE-2022-29155 OpenLDAP SQL injection libldap-common 2.4.45+dfsg-1ubuntu1.6 2.4.45+dfsg-1ubuntu1.11
MEDIUM CVE-2021-3520 memory corruption due to an integer overflow bug caused by memmove argument liblz4-1 0.0~r131-2ubuntu3 0.0~r131-2ubuntu3.1
MEDIUM CVE-2022-1271 arbitrary-file-write vulnerability liblzma5 5.2.2-1.3 5.2.2-1.3ubuntu0.1
MEDIUM CVE-2023-29491 ncurses: Local users can trigger security-relevant memory corruption via malformed data libncurses5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
MEDIUM CVE-2023-29491 ncurses: Local users can trigger security-relevant memory corruption via malformed data libncursesw5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
MEDIUM CVE-2021-20305 nettle: Out of bounds memory access in signature verification libnettle6 3.4-1 3.4-1ubuntu0.1
MEDIUM CVE-2021-3580 Remote crash in RSA decryption via manipulated ciphertext libnettle6 3.4-1 3.4.1-0ubuntu0.18.04.1
MEDIUM CVE-2020-29361 integer overflow when allocating memory for arrays or attributes and object identifiers libp11-kit0 0.23.9-2 0.23.9-2ubuntu0.1
MEDIUM CVE-2020-29362 out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c libp11-kit0 0.23.9-2 0.23.9-2ubuntu0.1
MEDIUM CVE-2020-29363 out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c libp11-kit0 0.23.9-2 0.23.9-2ubuntu0.1
MEDIUM CVE-2021-3177 Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c libpython2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.6
MEDIUM CVE-2021-4189 ftplib should not use the host from the PASV response libpython2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-0391 urllib.parse does not sanitize URLs containing ASCII newline and tabs libpython2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-45061 CPU denial of service via inefficient IDNA decoder libpython2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.10
MEDIUM CVE-2021-3177 Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c libpython2.7-stdlib 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.6
MEDIUM CVE-2021-4189 ftplib should not use the host from the PASV response libpython2.7-stdlib 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-0391 urllib.parse does not sanitize URLs containing ASCII newline and tabs libpython2.7-stdlib 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-45061 CPU denial of service via inefficient IDNA decoder libpython2.7-stdlib 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.10
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2020-35525 Null pointer dereference in src/select.c libsqlite3-0 3.22.0-1ubuntu0.4 3.22.0-1ubuntu0.6
MEDIUM CVE-2022-35737 an array-bounds overflow if billions of bytes are used in a string argument to a C API libsqlite3-0 3.22.0-1ubuntu0.4 3.22.0-1ubuntu0.7
MEDIUM CVE-2022-1304 out-of-bounds read/write via crafted filesystem libss2 1.44.1-1ubuntu1.3 1.44.1-1ubuntu1.4
MEDIUM CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.6
MEDIUM CVE-2021-3712 Read buffer overruns processing ASN.1 strings libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.7
MEDIUM CVE-2022-1292 c_rehash script allows command injection libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.9
MEDIUM CVE-2022-2068 the c_rehash script allows command injection libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.10
MEDIUM CVE-2023-0215 use-after-free following BIO_new_NDEF libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.11
MEDIUM CVE-2023-2650 openssl: Possible DoS translating ASN.1 object identifiers libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.13
MEDIUM CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.6
MEDIUM CVE-2021-3712 Read buffer overruns processing ASN.1 strings libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.7
MEDIUM CVE-2022-1292 c_rehash script allows command injection libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.9
MEDIUM CVE-2022-2068 the c_rehash script allows command injection libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.10
MEDIUM CVE-2023-0215 use-after-free following BIO_new_NDEF libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.11
MEDIUM CVE-2023-2650 openssl: Possible DoS translating ASN.1 object identifiers libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.13
MEDIUM CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.8
MEDIUM CVE-2021-3712 Read buffer overruns processing ASN.1 strings libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13
MEDIUM CVE-2022-1292 c_rehash script allows command injection libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.17
MEDIUM CVE-2022-2068 the c_rehash script allows command injection libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.19
MEDIUM CVE-2022-2097 AES OCB fails to encrypt some bytes libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.20
MEDIUM CVE-2022-4304 openssl: timing attack in RSA Decryption implementation libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
MEDIUM CVE-2022-4450 double free after calling PEM_read_bio_ex libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
MEDIUM CVE-2023-0215 use-after-free following BIO_new_NDEF libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
MEDIUM CVE-2023-2650 openssl: Possible DoS translating ASN.1 object identifiers libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.23
MEDIUM CVE-2022-2526 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c libsystemd0 237-3ubuntu10.42 237-3ubuntu10.56
MEDIUM CVE-2022-3821 systemd: buffer overrun in format_timespan() function libsystemd0 237-3ubuntu10.42 237-3ubuntu10.57
MEDIUM CVE-2023-29491 ncurses: Local users can trigger security-relevant memory corruption via malformed data libtinfo5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
MEDIUM CVE-2022-2526 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c libudev1 237-3ubuntu10.42 237-3ubuntu10.56
MEDIUM CVE-2022-3821 systemd: buffer overrun in format_timespan() function libudev1 237-3ubuntu10.42 237-3ubuntu10.57
MEDIUM CVE-2018-16860 samba: S4U2Self with unkeyed checksum libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2021-44758 Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ... libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-3116 libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
MEDIUM CVE-2022-3437 samba: heap buffer overflow in GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-41916 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Version ... libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.2
MEDIUM CVE-2022-42898 integer overflow vulnerabilities in PAC parsing libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-44640 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code ... libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.3
MEDIUM CVE-2022-45142 samba: CVE-2022-3437 fix introduced a logic inversion libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.4
MEDIUM CVE-2021-31535 missing request length checks libx11-6 2:1.6.4-3ubuntu0.3 2:1.6.4-3ubuntu0.4
MEDIUM CVE-2021-31535 missing request length checks libx11-data 2:1.6.4-3ubuntu0.3 2:1.6.4-3ubuntu0.4
MEDIUM CVE-2016-3709 Incorrect server side include parsing can lead to XSS libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.7
MEDIUM CVE-2021-3516 libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.4
MEDIUM CVE-2021-3517 libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.4
MEDIUM CVE-2021-3518 libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.4
MEDIUM CVE-2021-3537 NULL pointer dereference when post-validating mixed content parsed in recovery mode libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.4
MEDIUM CVE-2022-23308 Use-after-free of ID and IDREF attributes libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.5
MEDIUM CVE-2022-29824 integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.6
MEDIUM CVE-2022-40303 libxml2: integer overflows with XML_PARSE_HUGE libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.8
MEDIUM CVE-2022-40304 libxml2: dict corruption caused by entity reference cycles libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.8
MEDIUM CVE-2023-28484 libxml2: NULL dereference in xmlSchemaFixupComplexType libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.9
MEDIUM CVE-2023-29469 libxml2: Hashing of empty dict strings isn't deterministic libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.9
MEDIUM CVE-2019-5815 chromium-browser: Heap buffer overflow in Blink libxslt1.1 1.1.29-5ubuntu0.2 1.1.29-5ubuntu0.3
MEDIUM CVE-2021-30560 Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ... libxslt1.1 1.1.29-5ubuntu0.2 1.1.29-5ubuntu0.3
MEDIUM CVE-2021-24031 adds read permissions to files while being compressed or uncompressed libzstd1 1.3.3+dfsg-2ubuntu1.1 1.3.3+dfsg-2ubuntu1.2
MEDIUM CVE-2021-24032 Race condition allows attacker to access world-readable destination file libzstd1 1.3.3+dfsg-2ubuntu1.1 1.3.3+dfsg-2ubuntu1.2
MEDIUM CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd() locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
MEDIUM CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd() multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
MEDIUM CVE-2023-29491 ncurses: Local users can trigger security-relevant memory corruption via malformed data ncurses-base 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
MEDIUM CVE-2023-29491 ncurses: Local users can trigger security-relevant memory corruption via malformed data ncurses-bin 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
MEDIUM CVE-2022-3517 nodejs-minimatch: ReDoS via the braceExpand function node-minimatch 3.0.4-3 3.0.4-3+deb10u1build0.18.04.1
MEDIUM CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function node-underscore 1.8.3~dfsg-1 1.8.3~dfsg-1ubuntu0.1
MEDIUM CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.8
MEDIUM CVE-2021-3712 Read buffer overruns processing ASN.1 strings openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.13
MEDIUM CVE-2022-1292 c_rehash script allows command injection openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.17
MEDIUM CVE-2022-2068 the c_rehash script allows command injection openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.19
MEDIUM CVE-2022-2097 AES OCB fails to encrypt some bytes openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.20
MEDIUM CVE-2022-4304 openssl: timing attack in RSA Decryption implementation openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
MEDIUM CVE-2022-4450 double free after calling PEM_read_bio_ex openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
MEDIUM CVE-2023-0215 use-after-free following BIO_new_NDEF openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.21
MEDIUM CVE-2023-2650 openssl: Possible DoS translating ASN.1 object identifiers openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.23
MEDIUM CVE-2022-40897 pypa-setuptools: Regular Expression Denial of Service (ReDoS) in package_index.py python-pkg-resources 39.0.1-2 39.0.1-2ubuntu0.1
MEDIUM CVE-2021-3177 Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c python2.7 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.6
MEDIUM CVE-2021-4189 ftplib should not use the host from the PASV response python2.7 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-0391 urllib.parse does not sanitize URLs containing ASCII newline and tabs python2.7 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-45061 CPU denial of service via inefficient IDNA decoder python2.7 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.10
MEDIUM CVE-2021-3177 Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c python2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.6
MEDIUM CVE-2021-4189 ftplib should not use the host from the PASV response python2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-0391 urllib.parse does not sanitize URLs containing ASCII newline and tabs python2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.7
MEDIUM CVE-2022-45061 CPU denial of service via inefficient IDNA decoder python2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.10
MEDIUM CVE-2022-48303 heap buffer overflow at from_header() in list.c via specially crafted checksum tar 1.29b-2ubuntu0.1 1.29b-2ubuntu0.4
MEDIUM CVE-2022-1271 arbitrary-file-write vulnerability xz-utils 5.2.2-1.3 5.2.2-1.3ubuntu0.1
MEDIUM CVE-2018-25032 A flaw found in zlib when compressing (not decompressing) certain inputs zlib1g 1:1.2.11.dfsg-0ubuntu2 1:1.2.11.dfsg-0ubuntu2.1
MEDIUM CVE-2022-37434 heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra fie zlib1g 1:1.2.11.dfsg-0ubuntu2 1:1.2.11.dfsg-0ubuntu2.2
MEDIUM CVE-2022-33987 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets got 7.1.0 12.1.0, 11.8.5
MEDIUM CVE-2022-33987 nodejs-got: missing verification of requested URLs allows redirects to UNIX sockets got 8.3.2 12.1.0, 11.8.5
MEDIUM CVE-2021-41182 jquery-ui: XSS in the altField option of the datepicker widget jquery-ui 1.11.4 1.13.0
MEDIUM CVE-2021-41183 jquery-ui: XSS in *Text options of the datepicker widget jquery-ui 1.11.4 1.13.0
MEDIUM CVE-2021-41184 jquery-ui: XSS in the 'of' option of the .position() util jquery-ui 1.11.4 1.13.0
MEDIUM CVE-2022-31160 XSS when refreshing a checkboxradio with an HTML-like initial text label jquery-ui 1.11.4 1.13.2
MEDIUM CVE-2017-16022 Cross-Site Scripting in morris.js morris.js 0.5.0
MEDIUM CVE-2017-16022 Cross-Site Scripting in morris.js morris.js 0.5.0
MEDIUM NSWG-ECO-307 XSS in Hover Over Label Names morris.js 0.5.0 <0.0.0
MEDIUM NSWG-ECO-307 XSS in Hover Over Label Names morris.js 0.5.0 <0.0.0
MEDIUM CVE-2022-25883 nodejs-semver: Regular expression denial of service semver 5.7.1 7.5.2, 6.3.1, 5.7.2
MEDIUM CVE-2022-25883 nodejs-semver: Regular expression denial of service semver 6.3.0 7.5.2, 6.3.1, 5.7.2
MEDIUM CVE-2022-23491 untrusted root certificates certifi 2021.10.8 2022.12.07
MEDIUM CVE-2023-23931 python-cryptography: memory corruption via immutable objects cryptography 38.0.4 39.0.1
MEDIUM CVE-2023-32681 python-requests: Unintended leak of Proxy-Authorization header requests 2.26.0 2.31.0
MEDIUM GHSA-74m5-2c7w-9w3x MultipartParser denial of service with too many fields or files starlette 0.16.0 0.25.0
LOW CVE-2020-35452 httpd: Single zero byte stack overflow in mod_auth_digest apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
LOW CVE-2022-22721 Possible buffer overflow with very large or unlimited LimitXMLRequestBody apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
LOW CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite() apache2 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
LOW CVE-2020-35452 httpd: Single zero byte stack overflow in mod_auth_digest apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
LOW CVE-2022-22721 Possible buffer overflow with very large or unlimited LimitXMLRequestBody apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
LOW CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite() apache2-bin 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
LOW CVE-2020-35452 httpd: Single zero byte stack overflow in mod_auth_digest apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
LOW CVE-2022-22721 Possible buffer overflow with very large or unlimited LimitXMLRequestBody apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
LOW CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite() apache2-data 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
LOW CVE-2020-35452 httpd: Single zero byte stack overflow in mod_auth_digest apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.16
LOW CVE-2022-22721 Possible buffer overflow with very large or unlimited LimitXMLRequestBody apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.22
LOW CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite() apache2-utils 2.4.29-1ubuntu4.14 2.4.29-1ubuntu4.24
LOW CVE-2019-18276 when effective UID is not equal to its real UID the saved UID is not dropped bash 4.4.18-2ubuntu1.2 4.4.18-2ubuntu1.3
LOW CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
LOW CVE-2021-22898 TELNET stack contents disclosure curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
LOW CVE-2022-27776 curl: auth/cookie leak on redirect curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
LOW CVE-2022-27781 CERTINFO never-ending busy-loop curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.18
LOW CVE-2022-35252 Incorrect handling of control code characters in cookies curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.20
LOW CVE-2023-27533 TELNET option IAC injection curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27534 SFTP path ~ resolving discrepancy curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27536 curl: GSS delegation too eager connection re-use curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27538 SSH connection too eager reuse still curl 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack dirmngr 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gnupg 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gnupg-l10n 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gnupg-utils 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpg 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpg-agent 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpg-wks-client 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpg-wks-server 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpgconf 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpgsm 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack gpgv 2.2.4-1ubuntu1.3 2.2.4-1ubuntu1.5
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libasn1-8-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2019-25013 buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-6096 glibc: signed comparison vulnerability in the ARMv7 memcpy function libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-3326 Assertion failure in ISO-2022-JP-3 gconv module related to combining characters libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-35942 Arbitrary read in wordexp() libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname libc-bin 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2019-25013 buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-6096 glibc: signed comparison vulnerability in the ARMv7 memcpy function libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-3326 Assertion failure in ISO-2022-JP-3 gconv module related to combining characters libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-35942 Arbitrary read in wordexp() libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname libc6 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
LOW CVE-2021-22898 TELNET stack contents disclosure libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
LOW CVE-2022-27776 curl: auth/cookie leak on redirect libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
LOW CVE-2022-27781 CERTINFO never-ending busy-loop libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.18
LOW CVE-2022-35252 Incorrect handling of control code characters in cookies libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.20
LOW CVE-2023-27533 TELNET option IAC injection libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27534 SFTP path ~ resolving discrepancy libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27536 curl: GSS delegation too eager connection re-use libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27538 SSH connection too eager reuse still libcurl3-gnutls 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.12
LOW CVE-2021-22898 TELNET stack contents disclosure libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.14
LOW CVE-2022-27776 curl: auth/cookie leak on redirect libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.17
LOW CVE-2022-27781 CERTINFO never-ending busy-loop libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.18
LOW CVE-2022-35252 Incorrect handling of control code characters in cookies libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.20
LOW CVE-2023-27533 TELNET option IAC injection libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27534 SFTP path ~ resolving discrepancy libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27536 curl: GSS delegation too eager connection re-use libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2023-27538 SSH connection too eager reuse still libcurl4 7.58.0-2ubuntu3.10 7.58.0-2ubuntu3.24
LOW CVE-2021-45960 Large number of prefixed XML attributes on a single tag can crash libexpat libexpat1 2.2.5-3ubuntu0.2 2.2.5-3ubuntu0.4
LOW CVE-2021-33560 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack ag libgcrypt20 1.8.1-4ubuntu1.2 1.8.1-4ubuntu1.3
LOW CVE-2021-43618 Integer overflow and resultant buffer overflow via crafted input libgmp10 2:6.1.2+dfsg-2 2:6.1.2+dfsg-2ubuntu0.1
LOW CVE-2021-4209 Null pointer dereference in MD_UPDATE libgnutls30 3.5.18-1ubuntu1.4 3.5.18-1ubuntu1.6
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libgssapi3-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libhcrypto4-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libheimbase1-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libheimntlm0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2018-16869 Leaky data conversion exposing a manager oracle libhogweed4 3.4-1 3.4.1-0ubuntu0.18.04.1
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libhx509-5-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2020-21913 icu: Use after free in pkg_createWithAssemblyCode function in tools/pkgdata/pkgdata.cpp libicu60 60.2-3ubuntu3.1 60.2-3ubuntu3.2
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libkrb5-26-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2019-17594 heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c libncurses5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17595 heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c libncurses5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libncurses5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2022-29458 segfaulting OOB read libncurses5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17594 heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c libncursesw5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17595 heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c libncursesw5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libncursesw5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2022-29458 segfaulting OOB read libncursesw5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2018-16869 Leaky data conversion exposing a manager oracle libnettle6 3.4-1 3.4.1-0ubuntu0.18.04.1
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam-modules 1.1.8-3.6ubuntu2.18.04.2 1.1.8-3.6ubuntu2.18.04.4
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam-modules-bin 1.1.8-3.6ubuntu2.18.04.2 1.1.8-3.6ubuntu2.18.04.4
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam-runtime 1.1.8-3.6ubuntu2.18.04.2 1.1.8-3.6ubuntu2.18.04.4
LOW CVE-2022-28321 pam: authentication bypass for SSH logins libpam0g 1.1.8-3.6ubuntu2.18.04.2 1.1.8-3.6ubuntu2.18.04.4
LOW CVE-2019-20838 pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 libpcre3 2:8.39-9 2:8.39-9ubuntu0.1
LOW CVE-2020-14155 pcre: Integer overflow when parsing callout numeric arguments libpcre3 2:8.39-9 2:8.39-9ubuntu0.1
LOW CVE-2015-20107 python: mailcap: findmatch() function does not sanitize the second argument libpython2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.8
LOW CVE-2015-20107 python: mailcap: findmatch() function does not sanitize the second argument libpython2.7-stdlib 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.8
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libroken18-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-36084 libsepol: use-after-free in __cil_verify_classperms() libsepol1 2.7-1 2.7-1ubuntu0.1
LOW CVE-2021-36085 libsepol: use-after-free in __cil_verify_classperms() libsepol1 2.7-1 2.7-1ubuntu0.1
LOW CVE-2021-36086 use-after-free in cil_reset_classpermission() libsepol1 2.7-1 2.7-1ubuntu0.1
LOW CVE-2021-36087 libsepol: heap-based buffer overflow in ebitmap_match_any() libsepol1 2.7-1 2.7-1ubuntu0.1
LOW CVE-2021-36690 A segmentation fault can occur in the sqlite3.exe command-line compone ... libsqlite3-0 3.22.0-1ubuntu0.4 3.22.0-1ubuntu0.5
LOW CVE-2021-23840 integer overflow in CipherUpdate libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.6
LOW CVE-2023-0464 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.12
LOW CVE-2023-0465 openssl: Invalid certificate policies in leaf certificates are silently ignored libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.12
LOW CVE-2023-0466 openssl: Certificate policy check not enabled libssl1.0-dev 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.12
LOW CVE-2021-23840 integer overflow in CipherUpdate libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.6
LOW CVE-2023-0464 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.12
LOW CVE-2023-0465 openssl: Invalid certificate policies in leaf certificates are silently ignored libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.12
LOW CVE-2023-0466 openssl: Certificate policy check not enabled libssl1.0.0 1.0.2n-1ubuntu5.4 1.0.2n-1ubuntu5.12
LOW CVE-2021-23840 integer overflow in CipherUpdate libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.8
LOW CVE-2023-0464 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.22
LOW CVE-2023-0465 openssl: Invalid certificate policies in leaf certificates are silently ignored libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.22
LOW CVE-2023-0466 openssl: Certificate policy check not enabled libssl1.1 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.22
LOW CVE-2020-13529 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t libsystemd0 237-3ubuntu10.42 237-3ubuntu10.49
LOW CVE-2019-17594 heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c libtinfo5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17595 heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c libtinfo5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c libtinfo5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2022-29458 segfaulting OOB read libtinfo5 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2020-13529 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t libudev1 237-3ubuntu10.42 237-3ubuntu10.49
LOW CVE-2019-12098 In the client side of Heimdal before 7.6.0, failure to verify anonymou ... libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2021-3671 samba: Null pointer dereference on missing sname in TGS-REQ libwind0-heimdal 7.5.0+dfsg-1 7.5.0+dfsg-1ubuntu0.1
LOW CVE-2019-20388 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.4
LOW CVE-2020-24977 libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c libxml2 2.9.4+dfsg1-6.1ubuntu1.3 2.9.4+dfsg1-6.1ubuntu1.4
LOW CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2019-25013 buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-6096 glibc: signed comparison vulnerability in the ARMv7 memcpy function locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-3326 Assertion failure in ISO-2022-JP-3 gconv module related to combining characters locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-35942 Arbitrary read in wordexp() locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname locales 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2018-7169 shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p login 1:4.5-1ubuntu2 1:4.5-1ubuntu2.2
LOW CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2019-25013 buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-27618 glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-29562 glibc: assertion failure in iconv when converting invalid UCS4 multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2020-6096 glibc: signed comparison vulnerability in the ARMv7 memcpy function multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-3326 Assertion failure in ISO-2022-JP-3 gconv module related to combining characters multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2021-35942 Arbitrary read in wordexp() multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname multiarch-support 2.27-3ubuntu1.2 2.27-3ubuntu1.5
LOW CVE-2019-17594 heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c ncurses-base 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17595 heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c ncurses-base 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c ncurses-base 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2022-29458 segfaulting OOB read ncurses-base 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17594 heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c ncurses-bin 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2019-17595 heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c ncurses-bin 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2021-39537 heap-based buffer overflow in _nc_captoinfo() in captoinfo.c ncurses-bin 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2022-29458 segfaulting OOB read ncurses-bin 6.1-1ubuntu1.18.04 6.1-1ubuntu1.18.04.1
LOW CVE-2021-23840 integer overflow in CipherUpdate openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.8
LOW CVE-2023-0464 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.22
LOW CVE-2023-0465 openssl: Invalid certificate policies in leaf certificates are silently ignored openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.22
LOW CVE-2023-0466 openssl: Certificate policy check not enabled openssl 1.1.1-1ubuntu2.1~18.04.6 1.1.1-1ubuntu2.1~18.04.22
LOW CVE-2018-7169 shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p passwd 1:4.5-1ubuntu2 1:4.5-1ubuntu2.2
LOW CVE-2015-20107 python: mailcap: findmatch() function does not sanitize the second argument python2.7 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.8
LOW CVE-2015-20107 python: mailcap: findmatch() function does not sanitize the second argument python2.7-minimal 2.7.17-1~18.04ubuntu1.2 2.7.17-1~18.04ubuntu1.8
LOW CVE-2018-20482 tar: Infinite read loop in sparse_dump_region function in sparse.c tar 1.29b-2ubuntu0.1 1.29b-2ubuntu0.2
LOW CVE-2019-9923 tar: null-pointer dereference in pax_decode_header in sparse.c tar 1.29b-2ubuntu0.1 1.29b-2ubuntu0.2
LOW CVE-2021-20193 tar: Memory leak in read_header() in list.c tar 1.29b-2ubuntu0.1 1.29b-2ubuntu0.3
LOW CVE-2021-43307 Regular expression denial of service in semver-regex semver-regex 2.0.0 3.1.4, 4.0.3
LOW GHSA-5cpq-8wj7-hf2v Vulnerable OpenSSL included in cryptography wheels cryptography 38.0.4 41.0.0
LOW GHSA-jm77-qphf-c4w8 pyca/cryptography's wheels include vulnerable OpenSSL cryptography 38.0.4 41.0.3
LOW GHSA-v8gr-m533-ghj9 Vulnerable OpenSSL included in cryptography wheels cryptography 38.0.4 41.0.4
LOW CVE-2023-29159 Starlette has Path Traversal vulnerability in StaticFiles starlette 0.16.0 0.27.0

Date: 2023-11-21