Search CVE reports
71 – 80 of 32653 results
(This is an uncontrolled resource consumption vulnerability (CWE-400) t ...)
1 affected package
node-undici
| Package | 24.04 LTS |
|---|---|
| node-undici | Needs evaluation |
(ImpactThe undici WebSocket client is vulnerable to a denial-of-service ...)
1 affected package
node-undici
| Package | 24.04 LTS |
|---|---|
| node-undici | Needs evaluation |
(ImpactA server can reply with a WebSocket frame using the 64-bit lengt ...)
1 affected package
node-undici
| Package | 24.04 LTS |
|---|---|
| node-undici | Needs evaluation |
(ImpactWhen an application passes user-controlled input to theupgradeop ...)
1 affected package
node-undici
| Package | 24.04 LTS |
|---|---|
| node-undici | Needs evaluation |
(The undici WebSocket client is vulnerable to a denial-of-service attac ...)
1 affected package
node-undici
| Package | 24.04 LTS |
|---|---|
| node-undici | Needs evaluation |
(Undici allows duplicate HTTPContent-Lengthheaders when they are provid ...)
1 affected package
node-undici
| Package | 24.04 LTS |
|---|---|
| node-undici | Needs evaluation |
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.
2 affected packages
sqlite, sqlite3
| Package | 24.04 LTS |
|---|---|
| sqlite | Not in release |
| sqlite3 | Not affected |
(The "tarfile" module would still apply normalization of AREGTYPE (\x00 ...)
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 24.04 LTS |
|---|---|
| python2.7 | Not in release |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Not in release |
| python3.11 | Not in release |
| python3.12 | Needs evaluation |
| python3.13 | Not in release |
| python3.14 | Not in release |
Some fixes available 1 of 2
OpenSSH GSSAPI Key Exchange Pre-Authentication Uninitialized Pointer Dereference, Heap Corruption, and Privsep Boundary Violation
2 affected packages
openssh, openssh-ssh1
| Package | 24.04 LTS |
|---|---|
| openssh | Fixed |
| openssh-ssh1 | Ignored |
(A vulnerability was detected in rui314 mold up to 2.40.4. This issue a ...)
1 affected package
mold
| Package | 24.04 LTS |
|---|---|
| mold | Needs evaluation |