Search CVE reports
21 – 30 of 49 results
Some fixes available 28 of 129
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
24 affected packages
firefox, smart, vtk, thunderbird, apache2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| firefox | Fixed | Fixed | Not in release | Ignored |
| smart | Not in release | Not in release | Not in release | Not affected |
| vtk | Not in release | Not in release | Not in release | Not in release |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| expat | Fixed | Fixed | Fixed | Fixed |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vnc4 | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xmlrpc-c | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libxmltok | Fixed | Fixed | Fixed | Fixed |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| matanza | Ignored | Ignored | Ignored | Ignored |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
Some fixes available 21 of 95
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
24 affected packages
apache2, apr-util, insighttoolkit, swish-e, tdom...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| swish-e | Needs evaluation | Needs evaluation | Not affected | Not affected |
| tdom | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable |
| vtk | Not in release | Not in release | Not in release | Not in release |
| matanza | Ignored | Ignored | Ignored | Ignored |
| expat | Fixed | Fixed | Fixed | Fixed |
| wbxml2 | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Not affected | Not affected |
| cmake | Not affected | Not affected | Not affected | Not affected |
| coin3 | Not affected | Not affected | Not affected | Vulnerable |
| firefox | Fixed | Fixed | Not in release | Ignored |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| libxmltok | Not affected | Not affected | Not affected | Not affected |
| smart | Not in release | Not in release | Not in release | Not affected |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| vnc4 | Not in release | Not in release | Not in release | Not affected |
| xmlrpc-c | Needs evaluation | Needs evaluation | Not affected | Not affected |
Some fixes available 21 of 100
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
24 affected packages
apache2, expat, apr-util, cableswig, cadaver...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apache2 | Not affected | Not affected | Not affected | Not affected |
| expat | Fixed | Fixed | Fixed | Fixed |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Not affected | Not affected |
| coin3 | Not affected | Not affected | Not affected | Vulnerable |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| cmake | Not affected | Not affected | Not affected | Not affected |
| firefox | Fixed | Fixed | Not in release | Ignored |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| libxmltok | Not affected | Not affected | Not affected | Not affected |
| matanza | Ignored | Ignored | Not affected | Not affected |
| smart | Not in release | Not in release | Not in release | Not affected |
| swish-e | Needs evaluation | Needs evaluation | Not affected | Not affected |
| tdom | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable |
| thunderbird | Ignored | Ignored | Not in release | Ignored |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| vnc4 | Not in release | Not in release | Not in release | Vulnerable |
| vtk | Not in release | Not in release | Not in release | Not in release |
| wbxml2 | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable |
| xmlrpc-c | Needs evaluation | Needs evaluation | Not affected | Not affected |
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
8 affected packages
hdf5, insighttoolkit4, kissplice, paraview, r-bloc-rhdf5...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| hdf5 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| kissplice | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| paraview | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| r-bloc-rhdf5 | — | — | — | — |
| vtk | — | — | — | — |
| vtk6 | — | — | Needs evaluation | Needs evaluation |
| xdmf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS).
6 affected packages
hdf5, insighttoolkit4, kissplice, paraview, vtk, xdmf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| hdf5 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| kissplice | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| paraview | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | — | — | — | — |
| xdmf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
6 affected packages
hdf5, insighttoolkit4, kissplice, paraview, vtk, xdmf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| hdf5 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
| kissplice | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| paraview | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | — | — | — | — |
| xdmf | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 32 of 135
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
24 affected packages
expat, apache2, apr-util, ayttm, cableswig...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| expat | Fixed | Fixed | Fixed | Fixed |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cmake | Not affected | Not affected | Not affected | Not affected |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| firefox | Fixed | Fixed | Fixed | Fixed |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| libxmltok | Fixed | Fixed | Fixed | Fixed |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| matanza | Ignored | Ignored | Ignored | Ignored |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| smart | Not in release | Not in release | Not in release | Not affected |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| thunderbird | Not affected | Fixed | Fixed | Ignored |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| vnc4 | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | Not in release | Not in release | Not in release | Not in release |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 32 of 135
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
24 affected packages
cmake, expat, vtk, apache2, apr-util...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| cmake | Not affected | Not affected | Not affected | Not affected |
| expat | Fixed | Fixed | Fixed | Fixed |
| vtk | Not in release | Not in release | Not in release | Not in release |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| firefox | Fixed | Fixed | Fixed | Fixed |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| libxmltok | Fixed | Fixed | Fixed | Fixed |
| matanza | Ignored | Ignored | Ignored | Ignored |
| smart | Not in release | Not in release | Not in release | Not affected |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Not affected | Fixed | Fixed | Ignored |
| vnc4 | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 32 of 135
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
24 affected packages
coin3, apache2, apr-util, ayttm, cadaver...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cmake | Not affected | Not affected | Not affected | Not affected |
| expat | Fixed | Fixed | Fixed | Fixed |
| firefox | Fixed | Fixed | Fixed | Fixed |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| libxmltok | Fixed | Fixed | Fixed | Fixed |
| matanza | Ignored | Ignored | Ignored | Ignored |
| smart | Not in release | Not in release | Not in release | Not affected |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Not affected | Fixed | Fixed | Ignored |
| vnc4 | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vtk | Not in release | Not in release | Not in release | Not in release |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 32 of 135
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
24 affected packages
expat, ayttm, apache2, apr-util, cableswig...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| expat | Fixed | Fixed | Fixed | Fixed |
| ayttm | Not in release | Not in release | Not in release | Not in release |
| apache2 | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected |
| cableswig | Not in release | Not in release | Not in release | Not in release |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cmake | Not affected | Not affected | Not affected | Not affected |
| coin3 | Not affected | Not affected | Not affected | Needs evaluation |
| firefox | Fixed | Fixed | Fixed | Fixed |
| gdcm | Not affected | Not affected | Not affected | Not affected |
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | Not in release | Not in release | Not in release | Not in release |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| libxmltok | Fixed | Fixed | Fixed | Fixed |
| matanza | Ignored | Ignored | Ignored | Ignored |
| smart | Not in release | Not in release | Not in release | Not affected |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Not affected | Not affected | Not affected | Not affected |
| thunderbird | Not affected | Fixed | Fixed | Ignored |
| vnc4 | Not in release | Not in release | Not in release | Needs evaluation |
| vtk | Not in release | Not in release | Not in release | Not in release |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |