HTTP 500 or 504 errors when priority filtering is set to critical in https://ubuntu.com/security/cves

[wapsi]

Summary

If I go to URL: https://ubuntu.com/security/cves?version=noble&version=jammy&version=focal&version=bionic&version=xenial&version=trusty and check the "Ubuntu priority" to "Critical" and press "Apply filters", I'll receive "500: Server error" or "504 Gateway Time-out" page:

Steps to reproduce the behavior

1. Go to URL: https://ubuntu.com/security/cves?version=noble&version=jammy&version=focal&version=bionic&version=xenial&version=trusty
2. check the "Ubuntu priority" to "Critical"
3. Press "Apply filters" button

Expected behavior

It should list all critical severity CVEs

Browser/device details

Browser: Curl 7.29.0 (x86_64-redhat-linux-gnu) or Firefox 133.0.3
OS: RHEL 7, Debian 12

Reported from

GitHub

[brlin-tw]

I can also reproduce this issue by opening the https://ubuntu.com/security/cves page, input anything in the "CVE ID or description contains:" input box, and hitting the green Search button on the right side.

Workarounds

Input nothing will bring you to the Search CVE reports page without errors.