Search CVE reports
1 – 10 of 40886 results
pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory.
1 affected package
python-pip
| Package | 20.04 LTS |
|---|---|
| python-pip | Needs evaluation |
(Observable Timing Discrepancy vulnerability when comparing AJP secret i ...)
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Vulnerable |
| tomcat10 | — |
| tomcat11 | — |
(Improper Handling of Case Sensitivity vulnerability in LockOutRealm in ...)
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Vulnerable |
| tomcat10 | — |
| tomcat11 | — |
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.
1 affected package
golang-golang-x-image
| Package | 20.04 LTS |
|---|---|
| golang-golang-x-image | Needs evaluation |
[Unknown description]
1 affected package
apache-directory-api
| Package | 20.04 LTS |
|---|---|
| apache-directory-api | Needs evaluation |
(A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the ...)
1 affected package
dcmtk
| Package | 20.04 LTS |
|---|---|
| dcmtk | Needs evaluation |
(A NULL pointer dereference in GPAC MP4Box: when parsing certain trunca ...)
1 affected package
gpac
| Package | 20.04 LTS |
|---|---|
| gpac | Needs evaluation |
Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
1 affected package
exim4
| Package | 20.04 LTS |
|---|---|
| exim4 | Fixed |
A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This vulnerability occurs when...
2 affected packages
libsoup2.4, libsoup3
| Package | 20.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
[Unknown description]
1 affected package
php-guzzlehttp-psr7
| Package | 20.04 LTS |
|---|---|
| php-guzzlehttp-psr7 | Needs evaluation |