Search CVE reports
361 – 370 of 26567 results
GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent...
1 affected package
python-git
| Package | 26.04 LTS |
|---|---|
| python-git | Needs evaluation |
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this...
1 affected package
gnutls28
| Package | 26.04 LTS |
|---|---|
| gnutls28 | Needs evaluation |
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "-->" sequence in comment content or the "]]>" sequence in...
1 affected package
node-webfont
| Package | 26.04 LTS |
|---|---|
| node-webfont | Needs evaluation |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The...
2 affected packages
incus, lxd
| Package | 26.04 LTS |
|---|---|
| incus | Needs evaluation |
| lxd | Not in release |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file...
2 affected packages
incus, lxd
| Package | 26.04 LTS |
|---|---|
| incus | Needs evaluation |
| lxd | Not in release |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for...
2 affected packages
incus, lxd
| Package | 26.04 LTS |
|---|---|
| incus | Needs evaluation |
| lxd | Not in release |
Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a truncated storage bucket backup file....
1 affected package
incus
| Package | 26.04 LTS |
|---|---|
| incus | Needs evaluation |
A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending...
1 affected package
gnutls28
| Package | 26.04 LTS |
|---|---|
| gnutls28 | Needs evaluation |
Memory safety bugs present in Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 26.04 LTS |
|---|---|
| firefox | Not affected |
| thunderbird | Not affected |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
| mozjs115 | Not in release |
Memory safety bugs present in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 26.04 LTS |
|---|---|
| firefox | Not affected |
| thunderbird | Not affected |
| mozjs38 | Not in release |
| mozjs52 | Not in release |
| mozjs68 | Not in release |
| mozjs78 | Not in release |
| mozjs91 | Not in release |
| mozjs102 | Not in release |
| mozjs115 | Not in release |