Search CVE reports


Toggle filters

21 – 25 of 25 results


CVE-2009-3560

Medium priority

Some fixes available 79 of 506

The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Needs evaluation Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not affected
cableswig Not in release Not in release Not in release Not in release Needs evaluation
cadaver Not affected Not affected Not affected Not affected Not affected
celementtree Not in release Not in release Not in release Not in release Not in release
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Vulnerable Vulnerable
expat Fixed Fixed Fixed Fixed Fixed
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release Not affected
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
matanza Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Not affected Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected Not affected
python-xml Not in release Not in release Not in release Not in release Not in release
python2.4 Not in release Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release Not in release
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected Not affected
vtk Not in release Not in release Not in release Not in release Not affected
w3c-libwww Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release Not in release
Show all 41 packages Show less packages

CVE-2009-3720

Low priority

Some fixes available 79 of 536

The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
audacity Needs evaluation Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not affected
cableswig Not in release Not in release Not in release Not in release Needs evaluation
cadaver Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
celementtree Not in release Not in release Not in release Not in release Not in release
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
expat Fixed Fixed Fixed Fixed Fixed
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
grmonitor Not in release Not in release Not in release Not in release Not in release
insighttoolkit Not in release Not in release Not in release Not in release Needs evaluation
kompozer Not in release Not in release Not in release Not in release Not in release
libparagui1.1 Not in release Not in release Not in release Not in release Not in release
libxmltok Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
matanza Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Not affected Not affected Not affected Not affected Not affected
poco Not affected Not affected Not affected Not affected Not affected
python-xml Not in release Not in release Not in release Not in release Not in release
python2.4 Not in release Not in release Not in release Not in release Not in release
python2.5 Not in release Not in release Not in release Not in release Not in release
python2.6 Not in release Not in release Not in release Not in release Not in release
simgear Not affected Not affected Not affected Not affected Not affected
sitecopy Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not affected Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
tla Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not affected Not affected
vtk Not in release Not in release Not in release Not in release Not affected
w3c-libwww Not in release Not in release Not in release Not in release Not in release
wbxml2 Not affected Not affected Not affected Not affected Not affected
wxwidgets2.6 Not in release Not in release Not in release Not in release Not in release
wxwidgets2.8 Not in release Not in release Not in release Not in release Not in release
wxwindows2.4 Not in release Not in release Not in release Not in release Not in release
xmlrpc-c Fixed Fixed Fixed Fixed Fixed
xotcl Not affected Not affected Not affected Not affected Not affected
xulrunner Not in release Not in release Not in release Not in release Not in release
Show all 41 packages Show less packages

CVE-2008-5983

Low priority

Some fixes available 4 of 14

Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
python2.7
python3.1
python3.2
Show less packages

CVE-2008-4108

Negligible priority
Ignored

Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common...

3 affected packages

python2.4, python2.5, python2.6

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.4
python2.5
python2.6
Show less packages

CVE-2007-4559

Medium priority

Some fixes available 2 of 30

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR...

16 affected packages

python2.3, python2.4, python2.5, python2.6, python2.7...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python2.3
python2.4
python2.5
python2.6
python2.7 Ignored Ignored Ignored Ignored
python3.0
python3.1
python3.10 Fixed Not in release Not in release Not in release
python3.11 Ignored Not in release Not in release Not in release
python3.12 Not in release Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Ignored
python3.6 Not in release Not in release Ignored Not in release
python3.7 Not in release Not in release Ignored Not in release
python3.8 Not in release Ignored Ignored Not in release
python3.9 Not in release Ignored Not in release Not in release
Show all 16 packages Show less packages