Search CVE reports
1 – 10 of 31070 results
CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode. CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362.
1 affected package
libcryptx-perl
| Package | 20.04 LTS |
|---|---|
| libcryptx-perl | Needs evaluation |
os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when...
15 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 20.04 LTS |
|---|---|
| golang | — |
| golang-1.10 | — |
| golang-1.13 | Ignored |
| golang-1.14 | Ignored |
| golang-1.16 | Ignored |
| golang-1.17 | — |
| golang-1.18 | — |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.6 | — |
| golang-1.8 | — |
| golang-1.9 | — |
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.
15 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 20.04 LTS |
|---|---|
| golang | — |
| golang-1.10 | — |
| golang-1.13 | Needs evaluation |
| golang-1.14 | Needs evaluation |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | — |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.6 | — |
| golang-1.8 | — |
| golang-1.9 | — |
Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon.
15 affected packages
golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...
| Package | 20.04 LTS |
|---|---|
| golang | — |
| golang-1.10 | — |
| golang-1.13 | Needs evaluation |
| golang-1.14 | Needs evaluation |
| golang-1.16 | Needs evaluation |
| golang-1.17 | — |
| golang-1.18 | — |
| golang-1.20 | — |
| golang-1.21 | — |
| golang-1.22 | — |
| golang-1.23 | — |
| golang-1.24 | — |
| golang-1.6 | — |
| golang-1.8 | — |
| golang-1.9 | — |
pgjdbc is an open source postgresql JDBC Driver. From 42.7.4 and until 42.7.7, when the PostgreSQL JDBC driver is configured with channel binding set to required (default value is prefer), the driver would incorrectly allow...
1 affected package
libpgjava
| Package | 20.04 LTS |
|---|---|
| libpgjava | Needs evaluation |
Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and...
1 affected package
nomad
| Package | 20.04 LTS |
|---|---|
| nomad | Needs evaluation |
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
1 affected package
libcryptx-perl
| Package | 20.04 LTS |
|---|---|
| libcryptx-perl | Needs evaluation |
Not in release
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to...
1 affected package
thunderbird
| Package | 20.04 LTS |
|---|---|
| thunderbird | Not in release |
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Not in release |
| mozjs102 | — |
| mozjs115 | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| thunderbird | Not in release |
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.
9 affected packages
firefox, mozjs102, mozjs115, mozjs38, mozjs52...
| Package | 20.04 LTS |
|---|---|
| firefox | Not in release |
| mozjs102 | — |
| mozjs115 | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| thunderbird | Not in release |