Search CVE reports
21 – 30 of 31050 results
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep() encounters a crafted file name
1 affected package
libfile-find-rule-perl
| Package | 20.04 LTS |
|---|---|
| libfile-find-rule-perl | Needs evaluation |
Potential log injection via unescaped request path
1 affected package
python-django
| Package | 20.04 LTS |
|---|---|
| python-django | Fixed |
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
1 affected package
wireshark
| Package | 20.04 LTS |
|---|---|
| wireshark | Needs evaluation |
billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
1 affected package
cacti
| Package | 20.04 LTS |
|---|---|
| cacti | Needs evaluation |
[WebSocket endless loop]
1 affected package
curl
| Package | 20.04 LTS |
|---|---|
| curl | Not affected |
Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive...
2 affected packages
libhibernate-validator-java, libhibernate-validator4-java
| Package | 20.04 LTS |
|---|---|
| libhibernate-validator-java | Needs evaluation |
| libhibernate-validator4-java | — |
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Not affected |
| python3.9 | Not affected |
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Not affected |
| python3.9 | Not affected |
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Not affected |
| python3.9 | Not affected |
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module...
11 affected packages
python2.7, python3.10, python3.11, python3.12, python3.13...
| Package | 20.04 LTS |
|---|---|
| python2.7 | Not affected |
| python3.10 | — |
| python3.11 | — |
| python3.12 | — |
| python3.13 | — |
| python3.4 | — |
| python3.5 | — |
| python3.6 | — |
| python3.7 | — |
| python3.8 | Not affected |
| python3.9 | Not affected |