Search CVE reports
1 – 10 of 45004 results
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can...
2 affected packages
containerd, containerd-app
| Package | 16.04 LTS |
|---|---|
| containerd | Needs evaluation |
| containerd-app | — |
Dosage is a comic strip downloader and archiver. When downloading comic images in versions 3.1 and below, Dosage constructs target file names from different aspects of the remote comic (page URL, image URL, page content, etc.)....
1 affected package
dosage
| Package | 16.04 LTS |
|---|---|
| dosage | Needs evaluation |
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability....
2 affected packages
containerd, containerd-app
| Package | 16.04 LTS |
|---|---|
| containerd | Needs evaluation |
| containerd-app | — |
An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a...
1 affected package
python-django
| Package | 16.04 LTS |
|---|---|
| python-django | Not affected |
An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of...
1 affected package
libarchive
| Package | 16.04 LTS |
|---|---|
| libarchive | Needs evaluation |
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a...
1 affected package
lasso
| Package | 16.04 LTS |
|---|---|
| lasso | Needs evaluation |
A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of...
1 affected package
lasso
| Package | 16.04 LTS |
|---|---|
| lasso | Needs evaluation |
A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML assertion response can lead to a denial of service. An attacker can send a...
1 affected package
lasso
| Package | 16.04 LTS |
|---|---|
| lasso | Needs evaluation |
A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed...
1 affected package
lasso
| Package | 16.04 LTS |
|---|---|
| lasso | Needs evaluation |
Potential SQL injection via _connector keyword argument in QuerySet and Q objects
1 affected package
python-django
| Package | 16.04 LTS |
|---|---|
| python-django | Not affected |