Search CVE reports
Potential log injection via unescaped request path
1 affected package
python-django
Package | 18.04 LTS |
---|---|
python-django | Needs evaluation |
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
Package | 18.04 LTS |
---|---|
wireshark | Needs evaluation |
billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
1 affected package
cacti
Package | 18.04 LTS |
---|---|
cacti | Needs evaluation |
[WebSocket endless loop]
1 affected package
curl
Package | 18.04 LTS |
---|---|
curl | Not affected |
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending on how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive...
2 affected packages
libhibernate-validator-java, libhibernate-validator4-java
Package | 18.04 LTS |
---|---|
libhibernate-validator-java | Needs evaluation |
libhibernate-validator4-java | — |
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
Package | 18.04 LTS |
---|---|
python2.7 | Not affected |
python3.10 | — |
python3.11 | — |
python3.12 | — |
python3.13 | — |
python3.4 | — |
python3.5 | — |
python3.6 | Not affected |
python3.7 | Not affected |
python3.8 | Not affected |
python3.9 | — |
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
Package | 18.04 LTS |
---|---|
python2.7 | Not affected |
python3.10 | — |
python3.11 | — |
python3.12 | — |
python3.13 | — |
python3.4 | — |
python3.5 | — |
python3.6 | Not affected |
python3.7 | Not affected |
python3.8 | Not affected |
python3.9 | — |
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
Package | 18.04 LTS |
---|---|
python2.7 | Not affected |
python3.10 | — |
python3.11 | — |
python3.12 | — |
python3.13 | — |
python3.4 | — |
python3.5 | — |
python3.6 | Not affected |
python3.7 | Not affected |
python3.8 | Not affected |
python3.9 | — |
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
Package | 18.04 LTS |
---|---|
python2.7 | Not affected |
python3.10 | — |
python3.11 | — |
python3.12 | — |
python3.13 | — |
python3.4 | — |
python3.5 | — |
python3.6 | Not affected |
python3.7 | Not affected |
python3.8 | Not affected |
python3.9 | — |
Jupyter Core is a package for the core common functionality of Jupyter projects. When using Jupyter Core prior to version 5.8.0 on Windows, the shared `%PROGRAMDATA%` directory is searched for configuration...
1 affected package
jupyter-core
Package | 18.04 LTS |
---|---|
jupyter-core | Needs evaluation |