Search CVE reports


Toggle filters

31 – 36 of 36 results


CVE-2019-20007

Medium priority
Needs evaluation

An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers). After...

4 affected packages

mapcache, netcdf, netcdf-parallel, scilab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mapcache Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
netcdf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
netcdf-parallel Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
scilab Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-20006

Medium priority
Needs evaluation

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault.

4 affected packages

mapcache, netcdf, netcdf-parallel, scilab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mapcache Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
netcdf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
netcdf-parallel Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
scilab Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-20005

Medium priority
Needs evaluation

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a...

4 affected packages

mapcache, netcdf, netcdf-parallel, scilab

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
mapcache Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
netcdf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
netcdf-parallel Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
scilab Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2018-16886

Medium priority
Vulnerable

etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate...

1 affected package

etcd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
etcd Not affected Not affected Not affected Vulnerable Not affected
Show less packages

CVE-2018-1099

Low priority
Vulnerable

DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).

1 affected package

etcd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
etcd Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2018-1098

Low priority
Vulnerable

A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically...

1 affected package

etcd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
etcd Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages