Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 26553 results

Status is adjusted based on your filters.


CVE-2024-9902

Medium priority
Needs evaluation

A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the...

2 affected packages

ansible, ansible-core

Package 20.04 LTS
ansible Needs evaluation
ansible-core Not in release
Show less packages

CVE-2024-51988

Medium priority
Not affected

RabbitMQ is a feature rich, multi-protocol messaging and streaming broker. In affected versions queue deletion via the HTTP API was not verifying the `configure` permission of the user. Users who had all of the following: 1. Valid...

1 affected packages

rabbitmq-server

Package 20.04 LTS
rabbitmq-server Not affected
Show less packages

CVE-2024-51755

Medium priority
Needs evaluation

Twig is a template language for PHP. In a sandbox, and attacker can access attributes of Array-like objects as they were not checked by the security policy. They are now checked via the property policy and the `__isset()` method...

2 affected packages

php-twig, twig

Package 20.04 LTS
php-twig Needs evaluation
twig Not in release
Show less packages

CVE-2024-51754

Medium priority
Needs evaluation

Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not allowed by the security policy when the object is part of an array or an argument list...

2 affected packages

php-twig, twig

Package 20.04 LTS
php-twig Needs evaluation
twig Not in release
Show less packages

CVE-2024-51736

Medium priority
Not affected

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named `cmd.exe` is located in the current working directory it will be called by the...

1 affected packages

symfony

Package 20.04 LTS
symfony Not affected
Show less packages

CVE-2024-50345

Medium priority
Needs evaluation

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI with special characters the same way browsers do. As a...

1 affected packages

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2024-50343

Medium priority
Needs evaluation

symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a `Validator` configured with a regular expression using the `$` metacharacters, with an input ending...

1 affected packages

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2024-50342

Medium priority
Needs evaluation

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some internal information is...

1 affected packages

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2024-50341

Medium priority
Needs evaluation

symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. The custom `user_checker` defined on a firewall is not called...

1 affected packages

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages

CVE-2024-50340

Medium priority
Needs evaluation

symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted...

1 affected packages

symfony

Package 20.04 LTS
symfony Needs evaluation
Show less packages