Search CVE reports
391 – 400 of 26567 results
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package...
1 affected package
node-xmldom
| Package | 26.04 LTS |
|---|---|
| node-xmldom | Needs evaluation |
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes...
1 affected package
node-xmldom
| Package | 26.04 LTS |
|---|---|
| node-xmldom | Needs evaluation |
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, seven recursive traversals in...
1 affected package
node-xmldom
| Package | 26.04 LTS |
|---|---|
| node-xmldom | Needs evaluation |
xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package...
1 affected package
node-xmldom
| Package | 26.04 LTS |
|---|---|
| node-xmldom | Needs evaluation |
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP where a malformed BGP UPDATE message can...
1 affected package
gobgp
| Package | 26.04 LTS |
|---|---|
| gobgp | Needs evaluation |
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil pointer dereference. When...
1 affected package
gobgp
| Package | 26.04 LTS |
|---|---|
| gobgp | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to...
1 affected package
openexr
| Package | 26.04 LTS |
|---|---|
| openexr | Needs evaluation |
Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF and whitespace characters that...
1 affected package
netty
| Package | 26.04 LTS |
|---|---|
| netty | Needs evaluation |
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the...
2 affected packages
incus, lxd
| Package | 26.04 LTS |
|---|---|
| incus | Needs evaluation |
| lxd | Not in release |
Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database. The OVN...
1 affected package
incus
| Package | 26.04 LTS |
|---|---|
| incus | Needs evaluation |