Search CVE reports
21 – 30 of 36 results
CVE-2020-15114
Medium prioritySome fixes available 2 of 5
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of...
1 affected package
etcd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
etcd | Not affected | Not affected | Fixed | Fixed | Needs evaluation |
CVE-2020-15115
Low priorityetcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords...
1 affected package
etcd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
etcd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-15113
Medium prioritySome fixes available 2 of 12
In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with...
1 affected package
etcd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
etcd | Vulnerable | Vulnerable | Fixed | Fixed | Vulnerable |
CVE-2020-15112
Medium prioritySome fixes available 2 of 12
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as...
1 affected package
etcd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
etcd | Vulnerable | Vulnerable | Fixed | Fixed | Vulnerable |
CVE-2020-15106
Medium prioritySome fixes available 2 of 12
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is...
1 affected package
etcd
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
etcd | Vulnerable | Vulnerable | Fixed | Fixed | Vulnerable |
CVE-2019-20202
Medium priorityAn issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault.
5 affected packages
mapcache, navit, netcdf, netcdf-parallel, scilab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mapcache | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
navit | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf-parallel | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
scilab | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-20201
Medium priorityAn issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur.
4 affected packages
mapcache, netcdf, netcdf-parallel, scilab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mapcache | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf-parallel | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
scilab | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-20200
Medium priorityAn issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
5 affected packages
mapcache, navit, netcdf, netcdf-parallel, scilab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mapcache | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
navit | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf-parallel | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
scilab | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-20199
Low priorityAn issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen() on a NULL pointer.
4 affected packages
mapcache, netcdf, netcdf-parallel, scilab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mapcache | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Needs evaluation |
netcdf | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Needs evaluation |
netcdf-parallel | Vulnerable | Vulnerable | Vulnerable | Not in release | Ignored |
scilab | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Needs evaluation |
CVE-2019-20198
Medium priorityAn issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file.
5 affected packages
mapcache, navit, netcdf, netcdf-parallel, scilab
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mapcache | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
navit | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
netcdf-parallel | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
scilab | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |