Search CVE reports
211 – 220 of 41626 results
Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts outside allowedUris by using...
1 affected package
node-webpack
| Package | 18.04 LTS |
|---|---|
| node-webpack | Needs evaluation |
Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) enforces allowedUris only for the initial URL, but does not re-validate...
1 affected package
node-webpack
| Package | 18.04 LTS |
|---|---|
| node-webpack | Needs evaluation |
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed....
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 18.04 LTS |
|---|---|
| golang | — |
| golang-1.6 | — |
| golang-1.8 | Needs evaluation |
| golang-1.9 | Needs evaluation |
| golang-1.10 | Needs evaluation |
| golang-1.13 | Needs evaluation |
| golang-1.14 | — |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | Needs evaluation |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.25 | — |
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
7 affected packages
golang-golang-x-net, google-guest-agent, containerd, golang-golang-x-net-dev, adsys...
| Package | 18.04 LTS |
|---|---|
| golang-golang-x-net | — |
| google-guest-agent | Not affected |
| containerd | Not affected |
| golang-golang-x-net-dev | Needs evaluation |
| adsys | — |
| juju-core | — |
| lxd | Needs evaluation |
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.
7 affected packages
golang-golang-x-net, google-guest-agent, containerd, golang-golang-x-net-dev, adsys...
| Package | 18.04 LTS |
|---|---|
| golang-golang-x-net | — |
| google-guest-agent | Not affected |
| containerd | Not affected |
| golang-golang-x-net-dev | Needs evaluation |
| adsys | — |
| juju-core | — |
| lxd | Needs evaluation |
Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the...
1 affected package
dnsmasq
| Package | 18.04 LTS |
|---|---|
| dnsmasq | Needs evaluation |
CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can create a malicious M3U playlist...
1 affected package
codeblocks
| Package | 18.04 LTS |
|---|---|
| codeblocks | Needs evaluation |
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an...
1 affected package
node-brace-expansion
| Package | 18.04 LTS |
|---|---|
| node-brace-expansion | Needs evaluation |
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the...
149 affected packages
linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...
| Package | 18.04 LTS |
|---|---|
| linux-hwe | Ignored |
| linux-hwe-5.4 | Not affected |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-edge | Ignored |
| linux-lts-xenial | Not in release |
| linux-kvm | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.0 | Ignored |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Not affected |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Not affected |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Not affected |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Ignored |
| linux-fips | Not affected |
| linux-aws-fips | Not affected |
| linux-azure-fips | Not affected |
| linux-gcp-fips | Not affected |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Not affected |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Not affected |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.4 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Not in release |
| linux-ibm-5.4 | Not affected |
| linux-ibm-5.15 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Not affected |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oem | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Not affected |
| linux-raspi-realtime | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux | Not affected |
| linux-aws | Not affected |
| linux-oracle | Not affected |
| linux-raspi | Not in release |
| linux-realtime | Not in release |
In the Linux kernel, the following vulnerability has been resolved: fs/writeback: skip AS_NO_DATA_INTEGRITY mappings in wait_sb_inodes() Above the while() loop in wait_sb_inodes(), we document that we must wait for all pages under...
149 affected packages
linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11, linux-hwe-5.13...
| Package | 18.04 LTS |
|---|---|
| linux-hwe | Ignored |
| linux-hwe-5.4 | Not affected |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-edge | Ignored |
| linux-lts-xenial | Not in release |
| linux-kvm | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.0 | Ignored |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Not affected |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Not affected |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Not affected |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fde-6.8 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Ignored |
| linux-fips | Not affected |
| linux-aws-fips | Not affected |
| linux-azure-fips | Not affected |
| linux-gcp-fips | Not affected |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Not affected |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Not affected |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.4 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Not in release |
| linux-ibm-5.4 | Not affected |
| linux-ibm-5.15 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Not affected |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oem | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-oem-6.17 | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Not affected |
| linux-raspi-realtime | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux | Not affected |
| linux-aws | Not affected |
| linux-oracle | Not affected |
| linux-raspi | Not in release |
| linux-realtime | Not in release |