Search CVE reports
21 – 30 of 60899 results
[encoding/pem: quadratic complexity when parsing some invalid inputs]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
python-jose thru 3.3.0 allows JWT tokens with 'alg=none' to be decoded and accepted without any cryptographic signature verification. A malicious actor can craft a forged token with arbitrary claims (e.g., is_admin=true) and...
1 affected package
python-jose
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| python-jose | Needs evaluation | Needs evaluation | — | — |
[crypto/tls: ALPN negotiation errors can contain arbitrary text]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[crypto/x509: panic when validating certificates with DSA public keys]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[crypto/x509: quadratic complexity when checking name constraints]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[net/http: lack of limit when parsing cookies can cause memory exhaustion]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[archive/tar: unbounded allocation when parsing GNU sparse map]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
[net/url: insufficient validation of bracketed IPv6 hostnames]
16 affected packages
golang, golang-1.6, golang-1.8, golang-1.9, golang-1.10...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| golang | Not in release | Not in release | — | — |
| golang-1.6 | Not in release | Not in release | — | — |
| golang-1.8 | Not in release | Not in release | — | Needs evaluation |
| golang-1.9 | Not in release | Not in release | — | Needs evaluation |
| golang-1.10 | Not in release | Not in release | — | Needs evaluation |
| golang-1.13 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.14 | Not in release | Not in release | Needs evaluation | — |
| golang-1.16 | Not in release | Not in release | Needs evaluation | Needs evaluation |
| golang-1.17 | Not in release | Needs evaluation | — | — |
| golang-1.18 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| golang-1.20 | Not in release | Needs evaluation | Needs evaluation | — |
| golang-1.21 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.22 | Needs evaluation | Needs evaluation | Needs evaluation | — |
| golang-1.23 | Needs evaluation | Needs evaluation | — | — |
| golang-1.24 | Not in release | Not in release | — | — |
| golang-1.25 | Not in release | Not in release | — | — |
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix incorrect io_kiocb reference in io_link_skb In io_link_skb function, there is a bug where prev_notif is incorrectly assigned using 'nd' instead of...
143 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-hwe | Not in release | Not in release | — | Ignored |
| linux-hwe-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-hwe-5.8 | Not in release | Not in release | Ignored | — |
| linux-hwe-5.11 | Not in release | Not in release | Ignored | — |
| linux-hwe-5.13 | Not in release | Not in release | Ignored | — |
| linux-hwe-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-hwe-5.19 | Not in release | Ignored | — | — |
| linux-hwe-6.2 | Not in release | Ignored | — | — |
| linux-hwe-6.5 | Not in release | Ignored | — | — |
| linux-hwe-6.8 | Not in release | Needs evaluation | — | — |
| linux-hwe-6.11 | Ignored | Not in release | — | — |
| linux-hwe-6.14 | Needs evaluation | Not in release | — | — |
| linux-hwe-edge | Not in release | Not in release | — | Ignored |
| linux-lts-xenial | Not in release | Not in release | — | — |
| linux-kvm | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-allwinner-5.19 | Not in release | Ignored | — | — |
| linux-aws | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-aws-5.0 | Not in release | Not in release | — | Ignored |
| linux-aws-5.3 | Not in release | Not in release | — | Ignored |
| linux-aws-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-aws-5.8 | Not in release | Not in release | Ignored | — |
| linux-aws-5.11 | Not in release | Not in release | Ignored | — |
| linux-aws-5.13 | Not in release | Not in release | Ignored | — |
| linux-aws-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-aws-5.19 | Not in release | Ignored | — | — |
| linux-aws-6.2 | Not in release | Ignored | — | — |
| linux-aws-6.5 | Not in release | Ignored | — | — |
| linux-aws-6.8 | Not in release | Needs evaluation | — | — |
| linux-aws-6.14 | Needs evaluation | Not in release | — | — |
| linux-aws-hwe | Not in release | Not in release | — | — |
| linux-azure | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| linux-azure-4.15 | Not in release | Not in release | — | Needs evaluation |
| linux-azure-5.3 | Not in release | Not in release | — | Ignored |
| linux-azure-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-azure-5.8 | Not in release | Not in release | Ignored | — |
| linux-azure-5.11 | Not in release | Not in release | Ignored | — |
| linux-azure-5.13 | Not in release | Not in release | Ignored | — |
| linux-azure-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-azure-5.19 | Not in release | Ignored | — | — |
| linux-azure-6.2 | Not in release | Ignored | — | — |
| linux-azure-6.5 | Not in release | Ignored | — | — |
| linux-azure-6.8 | Not in release | Needs evaluation | — | — |
| linux-azure-6.11 | Ignored | Not in release | — | — |
| linux-azure-fde | Not in release | Needs evaluation | Ignored | — |
| linux-azure-fde-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-azure-fde-5.19 | Not in release | Ignored | — | — |
| linux-azure-fde-6.2 | Not in release | Ignored | — | — |
| linux-azure-nvidia | Needs evaluation | Not in release | — | — |
| linux-bluefield | Not in release | Not in release | Needs evaluation | — |
| linux-azure-edge | Not in release | Not in release | — | Ignored |
| linux-fips | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-aws-fips | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-azure-fips | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-gcp-fips | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-gcp | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| linux-gcp-4.15 | Not in release | Not in release | — | Needs evaluation |
| linux-gcp-5.3 | Not in release | Not in release | — | Ignored |
| linux-gcp-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-gcp-5.8 | Not in release | Not in release | Ignored | — |
| linux-gcp-5.11 | Not in release | Not in release | Ignored | — |
| linux-gcp-5.13 | Not in release | Not in release | Ignored | — |
| linux-gcp-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-gcp-5.19 | Not in release | Ignored | — | — |
| linux-gcp-6.2 | Not in release | Ignored | — | — |
| linux-gcp-6.5 | Not in release | Ignored | — | — |
| linux-gcp-6.8 | Not in release | Needs evaluation | — | — |
| linux-gcp-6.11 | Ignored | Not in release | — | — |
| linux-gcp-6.14 | Needs evaluation | Not in release | — | — |
| linux-gke | Needs evaluation | Needs evaluation | Ignored | — |
| linux-gke-4.15 | Not in release | Not in release | — | Ignored |
| linux-gke-5.4 | Not in release | Not in release | — | Ignored |
| linux-gke-5.15 | Not in release | Not in release | Ignored | — |
| linux-gkeop | Needs evaluation | Needs evaluation | Ignored | — |
| linux-gkeop-5.4 | Not in release | Not in release | — | Ignored |
| linux-gkeop-5.15 | Not in release | Not in release | Ignored | — |
| linux-ibm | Needs evaluation | Needs evaluation | Needs evaluation | — |
| linux-ibm-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-ibm-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-ibm-6.8 | Not in release | Needs evaluation | — | — |
| linux-intel-5.13 | Not in release | Not in release | Ignored | — |
| linux-intel-iotg | Not in release | Needs evaluation | — | — |
| linux-intel-iotg-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-iot | Not in release | Not in release | Needs evaluation | — |
| linux-intel-iot-realtime | Not in release | Needs evaluation | — | — |
| linux-lowlatency | Needs evaluation | Needs evaluation | — | — |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-lowlatency-hwe-5.19 | Not in release | Ignored | — | — |
| linux-lowlatency-hwe-6.2 | Not in release | Ignored | — | — |
| linux-lowlatency-hwe-6.5 | Not in release | Ignored | — | — |
| linux-lowlatency-hwe-6.8 | Not in release | Needs evaluation | — | — |
| linux-lowlatency-hwe-6.11 | Ignored | Not in release | — | — |
| linux-nvidia | Needs evaluation | Needs evaluation | — | — |
| linux-nvidia-6.2 | Not in release | Ignored | — | — |
| linux-nvidia-6.5 | Not in release | Ignored | — | — |
| linux-nvidia-6.8 | Not in release | Needs evaluation | — | — |
| linux-nvidia-6.11 | Needs evaluation | Not in release | — | — |
| linux-nvidia-lowlatency | Needs evaluation | Not in release | — | — |
| linux-nvidia-tegra | Needs evaluation | Needs evaluation | — | — |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-nvidia-tegra-igx | Not in release | Needs evaluation | — | — |
| linux-oracle | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| linux-oracle-5.0 | Not in release | Not in release | — | Ignored |
| linux-oracle-5.3 | Not in release | Not in release | — | Ignored |
| linux-oracle-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-oracle-5.8 | Not in release | Not in release | Ignored | — |
| linux-oracle-5.11 | Not in release | Not in release | Ignored | — |
| linux-oracle-5.13 | Not in release | Not in release | Ignored | — |
| linux-oracle-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-oracle-6.5 | Not in release | Ignored | — | — |
| linux-oracle-6.8 | Not in release | Needs evaluation | — | — |
| linux-oracle-6.14 | Needs evaluation | Not in release | — | — |
| linux-oem | Not in release | Not in release | — | Ignored |
| linux-oem-5.6 | Not in release | Not in release | Ignored | — |
| linux-oem-5.10 | Not in release | Not in release | Ignored | — |
| linux-oem-5.13 | Not in release | Not in release | Ignored | — |
| linux-oem-5.14 | Not in release | Not in release | Ignored | — |
| linux-oem-5.17 | Not in release | Ignored | — | — |
| linux-oem-6.0 | Not in release | Ignored | — | — |
| linux-oem-6.1 | Not in release | Ignored | — | — |
| linux-oem-6.5 | Not in release | Ignored | — | — |
| linux-oem-6.8 | Needs evaluation | Not in release | — | — |
| linux-oem-6.11 | Needs evaluation | Not in release | — | — |
| linux-oem-6.14 | Needs evaluation | Not in release | — | — |
| linux-raspi | Needs evaluation | Needs evaluation | Needs evaluation | — |
| linux-raspi2 | Not in release | Not in release | Ignored | — |
| linux-raspi-5.4 | Not in release | Not in release | — | Needs evaluation |
| linux-raspi-realtime | Needs evaluation | Not in release | — | — |
| linux-realtime | Needs evaluation | Needs evaluation | — | — |
| linux-realtime-6.8 | Not in release | Needs evaluation | — | — |
| linux-realtime-6.14 | Needs evaluation | Not in release | — | — |
| linux-riscv | Ignored | Ignored | Ignored | — |
| linux-riscv-5.8 | Not in release | Not in release | Ignored | — |
| linux-riscv-5.11 | Not in release | Not in release | Ignored | — |
| linux-riscv-5.15 | Not in release | Not in release | Needs evaluation | — |
| linux-riscv-5.19 | Not in release | Ignored | — | — |
| linux-riscv-6.5 | Not in release | Ignored | — | — |
| linux-riscv-6.8 | Not in release | Needs evaluation | — | — |
| linux-riscv-6.14 | Needs evaluation | Not in release | — | — |
| linux-starfive-5.19 | Not in release | Ignored | — | — |
| linux-starfive-6.2 | Not in release | Ignored | — | — |
| linux-starfive-6.5 | Not in release | Ignored | — | — |
| linux-xilinx-zynqmp | Not in release | Needs evaluation | Needs evaluation | — |