CVE search results

1 – 5 of 5 results

Detailed view

Sort by:

CVE-2022-33070

Medium priority

Some fixes available 10 of 87

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

9 affected packages

argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
argyll	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ccextractor	Needs evaluation	Needs evaluation	Needs evaluation	—
libgadu	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libpg-query	Needs evaluation	Needs evaluation	—	—
libsignal-protocol-c	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ocserv	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
pidgin	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
protobuf-c	Fixed	Fixed	Fixed	Needs evaluation
sudo	Not affected	Fixed	Not affected	Not affected

CVE-2013-4488

Low priority

Vulnerable

libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.

1 affected package

libgadu

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgadu	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2014-3775

Medium priority

Some fixes available 15 of 17

libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.

2 affected packages

pidgin, libgadu

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
pidgin	—	—	—	Fixed
libgadu	—	—	—	Not affected

CVE-2013-6487

Medium priority

Some fixes available 6 of 8

Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.

2 affected packages

libgadu, pidgin

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libgadu	—	—	—	—
pidgin	—	—	—	—

CVE-2008-4776

Low priority

Some fixes available 6 of 7

libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.

3 affected packages

ekg, kadu, libgadu

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ekg	—	—	—	—
kadu	—	—	—	—
libgadu	—	—	—	—

Search CVE reports