Search CVE reports
231 – 240 of 42078 results
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is...
5 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6
| Package | 22.04 LTS |
|---|---|
| mariadb | Not in release |
| mariadb-10.0 | Not in release |
| mariadb-10.1 | Not in release |
| mariadb-10.3 | Not in release |
| mariadb-10.6 | Needs evaluation |
Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versions default to using 1000...
1 affected package
libcrypt-pbkdf2-perl
| Package | 22.04 LTS |
|---|---|
| libcrypt-pbkdf2-perl | Needs evaluation |
Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
1 affected package
libcrypt-pbkdf2-perl
| Package | 22.04 LTS |
|---|---|
| libcrypt-pbkdf2-perl | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset....
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, before reading the first request-line, `HttpObjectDecoder` skips every byte for which...
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array...
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers() and related paths wrap any...
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default...
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a memory exhaustion vulnerability in the Netty HTTP/3 codec allows the creation of an infinite number of...
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every...
1 affected package
netty
| Package | 22.04 LTS |
|---|---|
| netty | Needs evaluation |