-
Notifications
You must be signed in to change notification settings - Fork 0
dockerhub.hi.inet evolved 5g infolysisnetapp
Alejandro Molina Sanchez edited this page Jul 5, 2022
·
5 revisions
| Severity | Number of vulnerabilities |
|---|---|
| CRITICAL | 1 |
| HIGH | 21 |
| MEDIUM | 405 |
| LOW | 233 |
| Severity | ID | Title | PkgName | InstalledVersion | FixedVersion |
|---|---|---|---|---|---|
| CRITICAL | CVE-2022-24065 | The package cookiecutter before 2.1.1 are vulnerable to Command Inject ... | cookiecutter | 1.7.3 | 2.1.1 |
| HIGH | CVE-2022-25235 | expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| HIGH | CVE-2022-25236 | expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary cod | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| HIGH | CVE-2022-24407 | cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL command | libsasl2-2 | 2.1.27~101-g0780600+dfsg-3ubuntu2.1 | 2.1.27~101-g0780600+dfsg-3ubuntu2.4 |
| HIGH | CVE-2022-24407 | cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL command | libsasl2-modules | 2.1.27~101-g0780600+dfsg-3ubuntu2.1 | 2.1.27~101-g0780600+dfsg-3ubuntu2.4 |
| HIGH | CVE-2022-24407 | cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL command | libsasl2-modules-db | 2.1.27~101-g0780600+dfsg-3ubuntu2.1 | 2.1.27~101-g0780600+dfsg-3ubuntu2.4 |
| HIGH | CVE-2020-1971 | openssl: EDIPARTYNAME NULL pointer de-reference | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.5 |
| HIGH | CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.8 |
| HIGH | CVE-2020-1971 | openssl: EDIPARTYNAME NULL pointer de-reference | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.5 |
| HIGH | CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.8 |
| HIGH | CVE-2020-1971 | openssl: EDIPARTYNAME NULL pointer de-reference | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 |
| HIGH | CVE-2021-3449 | openssl: NULL pointer dereference in signature_algorithms processing | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 |
| HIGH | CVE-2021-3711 | openssl: SM2 Decryption Buffer Overflow | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 |
| HIGH | CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.15 |
| HIGH | CVE-2021-33910 | systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash | libsystemd0 | 237-3ubuntu10.42 | 237-3ubuntu10.49 |
| HIGH | CVE-2021-33910 | systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash | libudev1 | 237-3ubuntu10.42 | 237-3ubuntu10.49 |
| HIGH | CVE-2020-1971 | openssl: EDIPARTYNAME NULL pointer de-reference | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.7 |
| HIGH | CVE-2021-3449 | openssl: NULL pointer dereference in signature_algorithms processing | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.9 |
| HIGH | CVE-2021-3711 | openssl: SM2 Decryption Buffer Overflow | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 |
| HIGH | CVE-2022-0778 | openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.15 |
| HIGH | CVE-2020-7746 | chart.js: prototype pollution | chart.js | 1.0.2 | 2.9.4 |
| HIGH | CVE-2016-7103 | jquery-ui: cross-site scripting in dialog closeText | jquery-ui | 1.11.4 | >=1.12.0 |
| MEDIUM | CVE-2019-17567 | httpd: mod_proxy_wstunnel tunneling of non Upgraded connection | apache2 | 2.4.29-1ubuntu4.14 | |
| MEDIUM | CVE-2021-26690 | httpd: mod_session: NULL pointer dereference when parsing Cookie header | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-26691 | httpd: mod_session: Heap overflow via a crafted SessionHeader value | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-30641 | httpd: Unexpected URL matching with 'MergeSlashes OFF' | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-33193 | httpd: Request splitting via HTTP/2 method injection and mod_proxy | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-34798 | httpd: NULL pointer dereference via malformed requests | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-39275 | httpd: Out-of-bounds write in ap_escape_quotes() via malicious input | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-40438 | httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.18 |
| MEDIUM | CVE-2021-44224 | httpd: possible NULL dereference or SSRF in forward proxy configurations | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2021-44790 | httpd: mod_lua: Possible buffer overflow when parsing multipart content | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2022-22719 | httpd: mod_lua: Use of uninitialized value of in r:parsebody | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-22720 | httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-23943 | httpd: mod_sed: Read/write beyond bounds | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-26377 | httpd: mod_proxy_ajp: Possible request smuggling | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-28615 | httpd: out-of-bounds read in ap_strcmp_match() | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-29404 | httpd: mod_lua: DoS in r:parsebody | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-30522 | httpd: mod_sed: DoS vulnerability | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.25 |
| MEDIUM | CVE-2022-30556 | httpd: mod_lua: Information disclosure with websockets | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-31813 | httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2019-17567 | httpd: mod_proxy_wstunnel tunneling of non Upgraded connection | apache2-bin | 2.4.29-1ubuntu4.14 | |
| MEDIUM | CVE-2021-26690 | httpd: mod_session: NULL pointer dereference when parsing Cookie header | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-26691 | httpd: mod_session: Heap overflow via a crafted SessionHeader value | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-30641 | httpd: Unexpected URL matching with 'MergeSlashes OFF' | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-33193 | httpd: Request splitting via HTTP/2 method injection and mod_proxy | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-34798 | httpd: NULL pointer dereference via malformed requests | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-39275 | httpd: Out-of-bounds write in ap_escape_quotes() via malicious input | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-40438 | httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.18 |
| MEDIUM | CVE-2021-44224 | httpd: possible NULL dereference or SSRF in forward proxy configurations | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2021-44790 | httpd: mod_lua: Possible buffer overflow when parsing multipart content | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2022-22719 | httpd: mod_lua: Use of uninitialized value of in r:parsebody | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-22720 | httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-23943 | httpd: mod_sed: Read/write beyond bounds | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-26377 | httpd: mod_proxy_ajp: Possible request smuggling | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-28615 | httpd: out-of-bounds read in ap_strcmp_match() | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-29404 | httpd: mod_lua: DoS in r:parsebody | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-30522 | httpd: mod_sed: DoS vulnerability | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.25 |
| MEDIUM | CVE-2022-30556 | httpd: mod_lua: Information disclosure with websockets | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-31813 | httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2019-17567 | httpd: mod_proxy_wstunnel tunneling of non Upgraded connection | apache2-data | 2.4.29-1ubuntu4.14 | |
| MEDIUM | CVE-2021-26690 | httpd: mod_session: NULL pointer dereference when parsing Cookie header | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-26691 | httpd: mod_session: Heap overflow via a crafted SessionHeader value | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-30641 | httpd: Unexpected URL matching with 'MergeSlashes OFF' | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-33193 | httpd: Request splitting via HTTP/2 method injection and mod_proxy | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-34798 | httpd: NULL pointer dereference via malformed requests | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-39275 | httpd: Out-of-bounds write in ap_escape_quotes() via malicious input | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-40438 | httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.18 |
| MEDIUM | CVE-2021-44224 | httpd: possible NULL dereference or SSRF in forward proxy configurations | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2021-44790 | httpd: mod_lua: Possible buffer overflow when parsing multipart content | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2022-22719 | httpd: mod_lua: Use of uninitialized value of in r:parsebody | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-22720 | httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-23943 | httpd: mod_sed: Read/write beyond bounds | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-26377 | httpd: mod_proxy_ajp: Possible request smuggling | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-28615 | httpd: out-of-bounds read in ap_strcmp_match() | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-29404 | httpd: mod_lua: DoS in r:parsebody | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-30522 | httpd: mod_sed: DoS vulnerability | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.25 |
| MEDIUM | CVE-2022-30556 | httpd: mod_lua: Information disclosure with websockets | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-31813 | httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2019-17567 | httpd: mod_proxy_wstunnel tunneling of non Upgraded connection | apache2-utils | 2.4.29-1ubuntu4.14 | |
| MEDIUM | CVE-2021-26690 | httpd: mod_session: NULL pointer dereference when parsing Cookie header | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-26691 | httpd: mod_session: Heap overflow via a crafted SessionHeader value | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-30641 | httpd: Unexpected URL matching with 'MergeSlashes OFF' | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| MEDIUM | CVE-2021-33193 | httpd: Request splitting via HTTP/2 method injection and mod_proxy | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-34798 | httpd: NULL pointer dereference via malformed requests | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-39275 | httpd: Out-of-bounds write in ap_escape_quotes() via malicious input | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.17 |
| MEDIUM | CVE-2021-40438 | httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.18 |
| MEDIUM | CVE-2021-44224 | httpd: possible NULL dereference or SSRF in forward proxy configurations | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2021-44790 | httpd: mod_lua: Possible buffer overflow when parsing multipart content | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.21 |
| MEDIUM | CVE-2022-22719 | httpd: mod_lua: Use of uninitialized value of in r:parsebody | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-22720 | httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-23943 | httpd: mod_sed: Read/write beyond bounds | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| MEDIUM | CVE-2022-26377 | httpd: mod_proxy_ajp: Possible request smuggling | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-28615 | httpd: out-of-bounds read in ap_strcmp_match() | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-29404 | httpd: mod_lua: DoS in r:parsebody | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-30522 | httpd: mod_sed: DoS vulnerability | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.25 |
| MEDIUM | CVE-2022-30556 | httpd: mod_lua: Information disclosure with websockets | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2022-31813 | httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| MEDIUM | CVE-2020-27350 | apt: integer overflows and underflows while parsing .deb packages | apt | 1.6.12ubuntu0.1 | 1.6.12ubuntu0.2 |
| MEDIUM | CVE-2020-8285 | curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| MEDIUM | CVE-2020-8286 | curl: Inferior OCSP verification | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| MEDIUM | CVE-2021-22876 | curl: Leak of authentication credentials in URL via automatic Referer | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.13 |
| MEDIUM | CVE-2021-22924 | curl: Bad connection reuse due to flawed path name checks | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| MEDIUM | CVE-2021-22925 | curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| MEDIUM | CVE-2021-22946 | curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.15 |
| MEDIUM | CVE-2021-22947 | curl: Server responses received before STARTTLS processed after TLS handshake | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.15 |
| MEDIUM | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| MEDIUM | CVE-2022-27782 | curl: TLS and SSH connection too eager reuse | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.18 |
| MEDIUM | CVE-2022-32206 | curl: HTTP compression denial of service | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.19 |
| MEDIUM | CVE-2022-32208 | curl: FTP-KRB bad message verification | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.19 |
| MEDIUM | CVE-2022-1664 | Dpkg::Source::Archive in dpkg, the Debian package management system, b ... | dpkg | 1.19.0.5ubuntu2.3 | 1.19.0.5ubuntu2.4 |
| MEDIUM | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | e2fsprogs | 1.44.1-1ubuntu1.3 | 1.44.1-1ubuntu1.4 |
| MEDIUM | CVE-2020-13844 | kernel: ARM straight-line speculation vulnerability | gcc-8-base | 8.4.0-1ubuntu1~18.04 | |
| MEDIUM | CVE-2021-21300 | git: remote code execution during clone operation on case-insensitive filesystems | git | 1:2.17.1-1ubuntu0.7 | 1:2.17.1-1ubuntu0.8 |
| MEDIUM | CVE-2021-40330 | git: unexpected cross-protocol requests via a repository path containing a newline character | git | 1:2.17.1-1ubuntu0.7 | 1:2.17.1-1ubuntu0.9 |
| MEDIUM | CVE-2022-24765 | git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree | git | 1:2.17.1-1ubuntu0.7 | 1:2.17.1-1ubuntu0.11 |
| MEDIUM | CVE-2021-21300 | git: remote code execution during clone operation on case-insensitive filesystems | git-man | 1:2.17.1-1ubuntu0.7 | 1:2.17.1-1ubuntu0.8 |
| MEDIUM | CVE-2021-40330 | git: unexpected cross-protocol requests via a repository path containing a newline character | git-man | 1:2.17.1-1ubuntu0.7 | 1:2.17.1-1ubuntu0.9 |
| MEDIUM | CVE-2022-24765 | git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree | git-man | 1:2.17.1-1ubuntu0.7 | 1:2.17.1-1ubuntu0.11 |
| MEDIUM | CVE-2022-1271 | gzip: arbitrary-file-write vulnerability | gzip | 1.6-5ubuntu1 | 1.6-5ubuntu1.2 |
| MEDIUM | CVE-2018-20217 | krb5: Reachable assertion in the KDC using S4U2Self requests | krb5-locales | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2020-28196 | krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may | krb5-locales | 1.16-2ubuntu0.1 | 1.16-2ubuntu0.2 |
| MEDIUM | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | krb5-locales | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | krb5-locales | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2016-1585 | In all versions of AppArmor mount rules are accidentally widened when ... | libapparmor1 | 2.12-4ubuntu5.1 | |
| MEDIUM | CVE-2020-27350 | apt: integer overflows and underflows while parsing .deb packages | libapt-pkg5.0 | 1.6.12ubuntu0.1 | 1.6.12ubuntu0.2 |
| MEDIUM | CVE-2021-3672 | c-ares: Missing input validation of host names may lead to domain hijacking | libc-ares2 | 1.14.0-1 | 1.14.0-1ubuntu0.1 |
| MEDIUM | CVE-2021-3999 | glibc: Off-by-one buffer overflow/underflow in getcwd() | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| MEDIUM | CVE-2021-3999 | glibc: Off-by-one buffer overflow/underflow in getcwd() | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| MEDIUM | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | libcom-err2 | 1.44.1-1ubuntu1.3 | 1.44.1-1ubuntu1.4 |
| MEDIUM | CVE-2020-8285 | curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| MEDIUM | CVE-2020-8286 | curl: Inferior OCSP verification | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| MEDIUM | CVE-2021-22876 | curl: Leak of authentication credentials in URL via automatic Referer | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.13 |
| MEDIUM | CVE-2021-22924 | curl: Bad connection reuse due to flawed path name checks | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| MEDIUM | CVE-2021-22925 | curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| MEDIUM | CVE-2021-22946 | curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.15 |
| MEDIUM | CVE-2021-22947 | curl: Server responses received before STARTTLS processed after TLS handshake | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.15 |
| MEDIUM | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| MEDIUM | CVE-2022-27782 | curl: TLS and SSH connection too eager reuse | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.18 |
| MEDIUM | CVE-2022-32206 | curl: HTTP compression denial of service | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.19 |
| MEDIUM | CVE-2022-32208 | curl: FTP-KRB bad message verification | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.19 |
| MEDIUM | CVE-2020-8285 | curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| MEDIUM | CVE-2020-8286 | curl: Inferior OCSP verification | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| MEDIUM | CVE-2021-22876 | curl: Leak of authentication credentials in URL via automatic Referer | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.13 |
| MEDIUM | CVE-2021-22924 | curl: Bad connection reuse due to flawed path name checks | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| MEDIUM | CVE-2021-22925 | curl: Incorrect fix for CVE-2021-22898 TELNET stack contents disclosure | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| MEDIUM | CVE-2021-22946 | curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.15 |
| MEDIUM | CVE-2021-22947 | curl: Server responses received before STARTTLS processed after TLS handshake | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.15 |
| MEDIUM | CVE-2022-22576 | curl: OAUTH2 bearer bypass in connection re-use | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| MEDIUM | CVE-2022-27774 | curl: credential leak on redirect | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| MEDIUM | CVE-2022-27782 | curl: TLS and SSH connection too eager reuse | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.18 |
| MEDIUM | CVE-2022-32206 | curl: HTTP compression denial of service | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.19 |
| MEDIUM | CVE-2022-32208 | curl: FTP-KRB bad message verification | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.19 |
| MEDIUM | CVE-2021-46143 | expat: Integer overflow in doProlog in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-22822 | expat: Integer overflow in addBinding in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-22823 | expat: Integer overflow in build_model in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-22824 | expat: Integer overflow in defineAttribute in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-22825 | expat: Integer overflow in lookup in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-22826 | expat: Integer overflow in nextScaffoldPart in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-22827 | expat: Integer overflow in storeAtts in xmlparse.c | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-23852 | expat: Integer overflow in function XML_GetBuffer | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-23990 | expat: integer overflow in the doProlog function | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| MEDIUM | CVE-2022-25313 | expat: stack exhaustion in doctype parsing | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.7 |
| MEDIUM | CVE-2022-25314 | expat: integer overflow in copyString() | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.7 |
| MEDIUM | CVE-2022-25315 | expat: Integer overflow in storeRawNames() | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.7 |
| MEDIUM | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | libext2fs2 | 1.44.1-1ubuntu1.3 | 1.44.1-1ubuntu1.4 |
| MEDIUM | CVE-2020-13844 | kernel: ARM straight-line speculation vulnerability | libgcc1 | 8.4.0-1ubuntu1~18.04 | |
| MEDIUM | CVE-2021-40528 | libgcrypt: ElGamal implementation allows plaintext recovery | libgcrypt20 | 1.8.1-4ubuntu1.2 | 1.8.1-4ubuntu1.3 |
| MEDIUM | CVE-2018-20217 | krb5: Reachable assertion in the KDC using S4U2Self requests | libgssapi-krb5-2 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2020-28196 | krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may | libgssapi-krb5-2 | 1.16-2ubuntu0.1 | 1.16-2ubuntu0.2 |
| MEDIUM | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libgssapi-krb5-2 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libgssapi-krb5-2 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2021-20305 | nettle: Out of bounds memory access in signature verification | libhogweed4 | 3.4-1 | 3.4-1ubuntu0.1 |
| MEDIUM | CVE-2021-3580 | nettle: Remote crash in RSA decryption via manipulated ciphertext | libhogweed4 | 3.4-1 | 3.4.1-0ubuntu0.18.04.1 |
| MEDIUM | CVE-2021-23358 | nodejs-underscore: Arbitrary code execution via the template function | libjs-underscore | 1.8.3~dfsg-1 | 1.8.3~dfsg-1ubuntu0.1 |
| MEDIUM | CVE-2018-20217 | krb5: Reachable assertion in the KDC using S4U2Self requests | libk5crypto3 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2020-28196 | krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may | libk5crypto3 | 1.16-2ubuntu0.1 | 1.16-2ubuntu0.2 |
| MEDIUM | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libk5crypto3 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libk5crypto3 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2018-20217 | krb5: Reachable assertion in the KDC using S4U2Self requests | libkrb5-3 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2020-28196 | krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may | libkrb5-3 | 1.16-2ubuntu0.1 | 1.16-2ubuntu0.2 |
| MEDIUM | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkrb5-3 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkrb5-3 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2018-20217 | krb5: Reachable assertion in the KDC using S4U2Self requests | libkrb5support0 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2020-28196 | krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may | libkrb5support0 | 1.16-2ubuntu0.1 | 1.16-2ubuntu0.2 |
| MEDIUM | CVE-2021-36222 | krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could re | libkrb5support0 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2021-37750 | krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that l | libkrb5support0 | 1.16-2ubuntu0.1 | |
| MEDIUM | CVE-2020-25692 | openldap: NULL pointer dereference for unauthenticated packet in slapd | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.7 |
| MEDIUM | CVE-2020-25709 | openldap: assertion failure in Certificate List syntax validation | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.8 |
| MEDIUM | CVE-2020-25710 | openldap: assertion failure in CSN normalization with invalid input | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.8 |
| MEDIUM | CVE-2020-36221 | openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36222 | openldap: Assertion failure in slapd in the saslAuthzTo validation | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36223 | openldap: Out-of-bounds read in Values Return Filter | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36224 | openldap: Invalid pointer free in the saslAuthzTo processing | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36225 | openldap: Double free in the saslAuthzTo processing | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36226 | openldap: Denial of service via length miscalculation in slap_parse_user | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36227 | openldap: Infinite loop in slapd with the cancel_extop Cancel operation | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36228 | openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36229 | openldap: Type confusion in ad_keystring in ad.c | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36230 | openldap: Assertion failure in ber_next_element in decode.c | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2021-27212 | openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.10 |
| MEDIUM | CVE-2022-29155 | openldap: OpenLDAP SQL injection | libldap-2.4-2 | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.11 |
| MEDIUM | CVE-2020-25692 | openldap: NULL pointer dereference for unauthenticated packet in slapd | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.7 |
| MEDIUM | CVE-2020-25709 | openldap: assertion failure in Certificate List syntax validation | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.8 |
| MEDIUM | CVE-2020-25710 | openldap: assertion failure in CSN normalization with invalid input | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.8 |
| MEDIUM | CVE-2020-36221 | openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36222 | openldap: Assertion failure in slapd in the saslAuthzTo validation | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36223 | openldap: Out-of-bounds read in Values Return Filter | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36224 | openldap: Invalid pointer free in the saslAuthzTo processing | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36225 | openldap: Double free in the saslAuthzTo processing | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36226 | openldap: Denial of service via length miscalculation in slap_parse_user | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36227 | openldap: Infinite loop in slapd with the cancel_extop Cancel operation | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36228 | openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36229 | openldap: Type confusion in ad_keystring in ad.c | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2020-36230 | openldap: Assertion failure in ber_next_element in decode.c | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.9 |
| MEDIUM | CVE-2021-27212 | openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.10 |
| MEDIUM | CVE-2022-29155 | openldap: OpenLDAP SQL injection | libldap-common | 2.4.45+dfsg-1ubuntu1.6 | 2.4.45+dfsg-1ubuntu1.11 |
| MEDIUM | CVE-2021-3520 | lz4: memory corruption due to an integer overflow bug caused by memmove argument | liblz4-1 | 0.0~r131-2ubuntu3 | 0.0~r131-2ubuntu3.1 |
| MEDIUM | CVE-2022-1271 | gzip: arbitrary-file-write vulnerability | liblzma5 | 5.2.2-1.3 | 5.2.2-1.3ubuntu0.1 |
| MEDIUM | CVE-2021-20305 | nettle: Out of bounds memory access in signature verification | libnettle6 | 3.4-1 | 3.4-1ubuntu0.1 |
| MEDIUM | CVE-2021-3580 | nettle: Remote crash in RSA decryption via manipulated ciphertext | libnettle6 | 3.4-1 | 3.4.1-0ubuntu0.18.04.1 |
| MEDIUM | CVE-2019-9511 | HTTP/2: large amount of data requests leads to denial of service | libnghttp2-14 | 1.30.0-1ubuntu1 | |
| MEDIUM | CVE-2019-9513 | HTTP/2: flood using PRIORITY frames results in excessive resource consumption | libnghttp2-14 | 1.30.0-1ubuntu1 | |
| MEDIUM | CVE-2019-13224 | oniguruma: Use-after-free in onig_new_deluxe() in regext.c | libonig4 | 6.7.0-1 | |
| MEDIUM | CVE-2019-16163 | oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c | libonig4 | 6.7.0-1 | |
| MEDIUM | CVE-2019-19012 | oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read | libonig4 | 6.7.0-1 | |
| MEDIUM | CVE-2019-19203 | oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c | libonig4 | 6.7.0-1 | |
| MEDIUM | CVE-2019-19204 | oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c | libonig4 | 6.7.0-1 | |
| MEDIUM | CVE-2019-19246 | oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c | libonig4 | 6.7.0-1 | |
| MEDIUM | CVE-2020-29361 | p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers | libp11-kit0 | 0.23.9-2 | 0.23.9-2ubuntu0.1 |
| MEDIUM | CVE-2020-29362 | p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c | libp11-kit0 | 0.23.9-2 | 0.23.9-2ubuntu0.1 |
| MEDIUM | CVE-2020-29363 | p11-kit: out-of-bounds write in p11_rpc_buffer_get_byte_array_value function in rpc-message.c | libp11-kit0 | 0.23.9-2 | 0.23.9-2ubuntu0.1 |
| MEDIUM | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | libperl5.26 | 5.26.1-6ubuntu0.3 | |
| MEDIUM | CVE-2021-3177 | python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | libpython2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.6 |
| MEDIUM | CVE-2021-4189 | python: ftplib should not use the host from the PASV response | libpython2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2022-0391 | python: urllib.parse does not sanitize URLs containing ASCII newline and tabs | libpython2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2021-3177 | python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | libpython2.7-stdlib | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.6 |
| MEDIUM | CVE-2021-4189 | python: ftplib should not use the host from the PASV response | libpython2.7-stdlib | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2022-0391 | python: urllib.parse does not sanitize URLs containing ASCII newline and tabs | libpython2.7-stdlib | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2020-9794 | libsqlite3-0 | 3.22.0-1ubuntu0.4 | ||
| MEDIUM | CVE-2022-1304 | e2fsprogs: out-of-bounds read/write via crafted filesystem | libss2 | 1.44.1-1ubuntu1.3 | 1.44.1-1ubuntu1.4 |
| MEDIUM | CVE-2021-23841 | openssl: NULL pointer dereference in X509_issuer_and_serial_hash() | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.6 |
| MEDIUM | CVE-2021-3712 | openssl: Read buffer overruns processing ASN.1 strings | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.7 |
| MEDIUM | CVE-2022-1292 | openssl: c_rehash script allows command injection | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.9 |
| MEDIUM | CVE-2022-2068 | openssl: the c_rehash script allows command injection | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.10 |
| MEDIUM | CVE-2021-23841 | openssl: NULL pointer dereference in X509_issuer_and_serial_hash() | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.6 |
| MEDIUM | CVE-2021-3712 | openssl: Read buffer overruns processing ASN.1 strings | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.7 |
| MEDIUM | CVE-2022-1292 | openssl: c_rehash script allows command injection | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.9 |
| MEDIUM | CVE-2022-2068 | openssl: the c_rehash script allows command injection | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.10 |
| MEDIUM | CVE-2021-23841 | openssl: NULL pointer dereference in X509_issuer_and_serial_hash() | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.8 |
| MEDIUM | CVE-2021-3712 | openssl: Read buffer overruns processing ASN.1 strings | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 |
| MEDIUM | CVE-2022-1292 | openssl: c_rehash script allows command injection | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.17 |
| MEDIUM | CVE-2022-2068 | openssl: the c_rehash script allows command injection | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.19 |
| MEDIUM | CVE-2020-13844 | kernel: ARM straight-line speculation vulnerability | libstdc++6 | 8.4.0-1ubuntu1~18.04 | |
| MEDIUM | CVE-2021-31535 | libX11: missing request length checks | libx11-6 | 2:1.6.4-3ubuntu0.3 | 2:1.6.4-3ubuntu0.4 |
| MEDIUM | CVE-2021-31535 | libX11: missing request length checks | libx11-data | 2:1.6.4-3ubuntu0.3 | 2:1.6.4-3ubuntu0.4 |
| MEDIUM | CVE-2021-3516 | libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.4 |
| MEDIUM | CVE-2021-3517 | libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.4 |
| MEDIUM | CVE-2021-3518 | libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.4 |
| MEDIUM | CVE-2021-3537 | libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.4 |
| MEDIUM | CVE-2022-23308 | libxml2: Use-after-free of ID and IDREF attributes | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.5 |
| MEDIUM | CVE-2022-29824 | libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.6 |
| MEDIUM | CVE-2021-24031 | zstd: adds read permissions to files while being compressed or uncompressed | libzstd1 | 1.3.3+dfsg-2ubuntu1.1 | 1.3.3+dfsg-2ubuntu1.2 |
| MEDIUM | CVE-2021-24032 | zstd: Race condition allows attacker to access world-readable destination file | libzstd1 | 1.3.3+dfsg-2ubuntu1.1 | 1.3.3+dfsg-2ubuntu1.2 |
| MEDIUM | CVE-2021-3999 | glibc: Off-by-one buffer overflow/underflow in getcwd() | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| MEDIUM | CVE-2021-3999 | glibc: Off-by-one buffer overflow/underflow in getcwd() | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| MEDIUM | CVE-2021-46322 | mysql-client-5.7 | 5.7.38-0ubuntu0.18.04.1 | ||
| MEDIUM | CVE-2021-46322 | mysql-client-core-5.7 | 5.7.38-0ubuntu0.18.04.1 | ||
| MEDIUM | CVE-2021-46322 | mysql-server | 5.7.38-0ubuntu0.18.04.1 | ||
| MEDIUM | CVE-2021-46322 | mysql-server-5.7 | 5.7.38-0ubuntu0.18.04.1 | ||
| MEDIUM | CVE-2021-46322 | mysql-server-core-5.7 | 5.7.38-0ubuntu0.18.04.1 | ||
| MEDIUM | CVE-2020-7788 | nodejs-ini: Prototype pollution via malicious INI file | node-ini | 1.3.4-1 | |
| MEDIUM | CVE-2017-16138 | nodejs-mime: Regular expression Denial of Service | node-mime | 1.3.4-1 | |
| MEDIUM | CVE-2021-23358 | nodejs-underscore: Arbitrary code execution via the template function | node-underscore | 1.8.3~dfsg-1 | 1.8.3~dfsg-1ubuntu0.1 |
| MEDIUM | CVE-2018-12115 | nodejs: Out of bounds (OOB) write via UCS-2 encoding | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12116 | nodejs: HTTP request splitting | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12121 | nodejs: Denial of Service with large HTTP headers | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12122 | nodejs: Slowloris HTTP Denial of Service | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-7160 | nodejs: Inspector DNS rebinding vulnerability | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-7167 | nodejs: Denial of Service by calling Buffer.fill() or Buffer.alloc() with specially crafted paramete | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2019-5737 | nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12115 | nodejs: Out of bounds (OOB) write via UCS-2 encoding | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12116 | nodejs: HTTP request splitting | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12121 | nodejs: Denial of Service with large HTTP headers | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12122 | nodejs: Slowloris HTTP Denial of Service | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-7160 | nodejs: Inspector DNS rebinding vulnerability | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-7167 | nodejs: Denial of Service by calling Buffer.fill() or Buffer.alloc() with specially crafted paramete | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2019-5737 | nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12115 | nodejs: Out of bounds (OOB) write via UCS-2 encoding | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12116 | nodejs: HTTP request splitting | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12121 | nodejs: Denial of Service with large HTTP headers | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-12122 | nodejs: Slowloris HTTP Denial of Service | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-7160 | nodejs: Inspector DNS rebinding vulnerability | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2018-7167 | nodejs: Denial of Service by calling Buffer.fill() or Buffer.alloc() with specially crafted paramete | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2019-5737 | nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| MEDIUM | CVE-2016-3956 | npm: bearer token leak to non-registry hosts | npm | 3.5.2-0ubuntu4 | |
| MEDIUM | CVE-2021-23841 | openssl: NULL pointer dereference in X509_issuer_and_serial_hash() | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.8 |
| MEDIUM | CVE-2021-3712 | openssl: Read buffer overruns processing ASN.1 strings | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.13 |
| MEDIUM | CVE-2022-1292 | openssl: c_rehash script allows command injection | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.17 |
| MEDIUM | CVE-2022-2068 | openssl: the c_rehash script allows command injection | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.19 |
| MEDIUM | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | perl | 5.26.1-6ubuntu0.3 | |
| MEDIUM | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | perl-base | 5.26.1-6ubuntu0.3 | |
| MEDIUM | CVE-2020-16156 | perl-CPAN: Bypass of verification of signatures in CHECKSUMS files | perl-modules-5.26 | 5.26.1-6ubuntu0.3 | |
| MEDIUM | CVE-2021-3177 | python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | python2.7 | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.6 |
| MEDIUM | CVE-2021-4189 | python: ftplib should not use the host from the PASV response | python2.7 | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2022-0391 | python: urllib.parse does not sanitize URLs containing ASCII newline and tabs | python2.7 | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2021-3177 | python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c | python2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.6 |
| MEDIUM | CVE-2021-4189 | python: ftplib should not use the host from the PASV response | python2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2022-0391 | python: urllib.parse does not sanitize URLs containing ASCII newline and tabs | python2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | 2.7.17-1~18.04ubuntu1.7 |
| MEDIUM | CVE-2022-0529 | unzip: Heap out-of-bound writes and reads during conversion of wide string to local string | unzip | 6.0-21ubuntu1.1 | |
| MEDIUM | CVE-2021-4192 | vim: use-after-free in win_linetabsize() | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0213 | vim: vim is vulnerable to out of bounds read | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0261 | vim: Heap-based buffer overflow in block_insert() in src/ops.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0318 | vim: Heap-based buffer overflow in utf_head_off() in mbyte.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0319 | vim: heap-based out-of-bounds read | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0351 | vim: access of memory location before start of buffer | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0359 | vim: Heap-based buffer overflow in init_ccline() in ex_getln.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0361 | vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0368 | vim: Out-of-bounds Read in vim | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0392 | vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0408 | vim: Stack-based Buffer Overflow in spellsuggest.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0413 | vim: Use after free in src/ex_cmds.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0554 | vim: Use of Out-of-range Pointer Offset in vim | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0572 | vim: heap overflow in ex_retab() may lead to crash | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0685 | : vim: Use of Out-of-range Pointer Offset in vim | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0714 | vim: buffer overflow | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0943 | vim: Heap-based Buffer Overflow occurs in vim | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1154 | vim: use after free in utf_ptr2char | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1616 | vim: heap-buffer-overflow in append_command of src/ex_docmd.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1619 | vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1620 | vim: NULL Pointer Dereference in vim_regexec_string() of regexp.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1621 | vim: heap buffer overflow | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1629 | vim: buffer over-read | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1851 | vim: out-of-bounds read in gchar_cursor() in misc1.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1927 | vim: buffer over-read in utf_ptr2char() in mbyte.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1942 | vim: out of bounds write in vim_regsub_both() | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1968 | vim: use-after-free in function utf_ptr2char at mbyte.c:1794 | vim | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2021-4192 | vim: use-after-free in win_linetabsize() | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0213 | vim: vim is vulnerable to out of bounds read | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0261 | vim: Heap-based buffer overflow in block_insert() in src/ops.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0318 | vim: Heap-based buffer overflow in utf_head_off() in mbyte.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0319 | vim: heap-based out-of-bounds read | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0351 | vim: access of memory location before start of buffer | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0359 | vim: Heap-based buffer overflow in init_ccline() in ex_getln.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0361 | vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0368 | vim: Out-of-bounds Read in vim | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0392 | vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0408 | vim: Stack-based Buffer Overflow in spellsuggest.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0413 | vim: Use after free in src/ex_cmds.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0554 | vim: Use of Out-of-range Pointer Offset in vim | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0572 | vim: heap overflow in ex_retab() may lead to crash | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0685 | : vim: Use of Out-of-range Pointer Offset in vim | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0714 | vim: buffer overflow | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0943 | vim: Heap-based Buffer Overflow occurs in vim | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1154 | vim: use after free in utf_ptr2char | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1616 | vim: heap-buffer-overflow in append_command of src/ex_docmd.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1619 | vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1620 | vim: NULL Pointer Dereference in vim_regexec_string() of regexp.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1621 | vim: heap buffer overflow | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1629 | vim: buffer over-read | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1851 | vim: out-of-bounds read in gchar_cursor() in misc1.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1927 | vim: buffer over-read in utf_ptr2char() in mbyte.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1942 | vim: out of bounds write in vim_regsub_both() | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1968 | vim: use-after-free in function utf_ptr2char at mbyte.c:1794 | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2021-4192 | vim: use-after-free in win_linetabsize() | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0213 | vim: vim is vulnerable to out of bounds read | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0261 | vim: Heap-based buffer overflow in block_insert() in src/ops.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0318 | vim: Heap-based buffer overflow in utf_head_off() in mbyte.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0319 | vim: heap-based out-of-bounds read | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0351 | vim: access of memory location before start of buffer | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0359 | vim: Heap-based buffer overflow in init_ccline() in ex_getln.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0361 | vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0368 | vim: Out-of-bounds Read in vim | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0392 | vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0408 | vim: Stack-based Buffer Overflow in spellsuggest.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0413 | vim: Use after free in src/ex_cmds.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0554 | vim: Use of Out-of-range Pointer Offset in vim | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0572 | vim: heap overflow in ex_retab() may lead to crash | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0685 | : vim: Use of Out-of-range Pointer Offset in vim | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0714 | vim: buffer overflow | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0943 | vim: Heap-based Buffer Overflow occurs in vim | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1154 | vim: use after free in utf_ptr2char | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1616 | vim: heap-buffer-overflow in append_command of src/ex_docmd.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1619 | vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1620 | vim: NULL Pointer Dereference in vim_regexec_string() of regexp.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1621 | vim: heap buffer overflow | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1629 | vim: buffer over-read | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1851 | vim: out-of-bounds read in gchar_cursor() in misc1.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1927 | vim: buffer over-read in utf_ptr2char() in mbyte.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1942 | vim: out of bounds write in vim_regsub_both() | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1968 | vim: use-after-free in function utf_ptr2char at mbyte.c:1794 | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2021-4192 | vim: use-after-free in win_linetabsize() | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0213 | vim: vim is vulnerable to out of bounds read | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0261 | vim: Heap-based buffer overflow in block_insert() in src/ops.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0318 | vim: Heap-based buffer overflow in utf_head_off() in mbyte.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0319 | vim: heap-based out-of-bounds read | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0351 | vim: access of memory location before start of buffer | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0359 | vim: Heap-based buffer overflow in init_ccline() in ex_getln.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0361 | vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0368 | vim: Out-of-bounds Read in vim | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0392 | vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0408 | vim: Stack-based Buffer Overflow in spellsuggest.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0413 | vim: Use after free in src/ex_cmds.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0554 | vim: Use of Out-of-range Pointer Offset in vim | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0572 | vim: heap overflow in ex_retab() may lead to crash | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0685 | : vim: Use of Out-of-range Pointer Offset in vim | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0714 | vim: buffer overflow | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-0943 | vim: Heap-based Buffer Overflow occurs in vim | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1154 | vim: use after free in utf_ptr2char | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1616 | vim: heap-buffer-overflow in append_command of src/ex_docmd.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1619 | vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1620 | vim: NULL Pointer Dereference in vim_regexec_string() of regexp.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1621 | vim: heap buffer overflow | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1629 | vim: buffer over-read | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1851 | vim: out-of-bounds read in gchar_cursor() in misc1.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1927 | vim: buffer over-read in utf_ptr2char() in mbyte.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1942 | vim: out of bounds write in vim_regsub_both() | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1968 | vim: use-after-free in function utf_ptr2char at mbyte.c:1794 | xxd | 2:8.0.1453-1ubuntu1.8 | |
| MEDIUM | CVE-2022-1271 | gzip: arbitrary-file-write vulnerability | xz-utils | 5.2.2-1.3 | 5.2.2-1.3ubuntu0.1 |
| MEDIUM | CVE-2018-25032 | zlib: A flaw found in zlib when compressing (not decompressing) certain inputs | zlib1g | 1:1.2.11.dfsg-0ubuntu2 | 1:1.2.11.dfsg-0ubuntu2.1 |
| MEDIUM | CVE-2021-41182 | jquery-ui: XSS in the altField option of the datepicker widget | jquery-ui | 1.11.4 | 1.13.0 |
| MEDIUM | CVE-2021-41183 | jquery-ui: XSS in *Text options of the datepicker widget | jquery-ui | 1.11.4 | 1.13.0 |
| MEDIUM | CVE-2021-41184 | jquery-ui: XSS in the 'of' option of the .position() util | jquery-ui | 1.11.4 | 1.13.0 |
| MEDIUM | CVE-2017-16022 | Cross-Site Scripting in morris.js | morris.js | 0.5.0 | |
| MEDIUM | NSWG-ECO-307 | XSS in Hover Over Label Names | morris.js | 0.5.0 | <0.0.0 |
| LOW | CVE-2020-35452 | httpd: Single zero byte stack overflow in mod_auth_digest | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| LOW | CVE-2022-22721 | httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| LOW | CVE-2022-28614 | httpd: out-of-bounds read via ap_rwrite() | apache2 | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| LOW | CVE-2020-35452 | httpd: Single zero byte stack overflow in mod_auth_digest | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| LOW | CVE-2022-22721 | httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| LOW | CVE-2022-28614 | httpd: out-of-bounds read via ap_rwrite() | apache2-bin | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| LOW | CVE-2020-35452 | httpd: Single zero byte stack overflow in mod_auth_digest | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| LOW | CVE-2022-22721 | httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| LOW | CVE-2022-28614 | httpd: out-of-bounds read via ap_rwrite() | apache2-data | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| LOW | CVE-2020-35452 | httpd: Single zero byte stack overflow in mod_auth_digest | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.16 |
| LOW | CVE-2022-22721 | httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.22 |
| LOW | CVE-2022-28614 | httpd: out-of-bounds read via ap_rwrite() | apache2-utils | 2.4.29-1ubuntu4.14 | 2.4.29-1ubuntu4.24 |
| LOW | CVE-2019-18276 | bash: when effective UID is not equal to its real UID the saved UID is not dropped | bash | 4.4.18-2ubuntu1.2 | 4.4.18-2ubuntu1.3 |
| LOW | CVE-2016-2781 | coreutils: Non-privileged session can escape to the parent session in chroot | coreutils | 8.28-1ubuntu1 | |
| LOW | CVE-2020-8284 | curl: FTP PASV command response can cause curl to connect to arbitrary host | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| LOW | CVE-2021-22898 | curl: TELNET stack contents disclosure | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| LOW | CVE-2022-27776 | curl: auth/cookie leak on redirect | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| LOW | CVE-2022-27781 | curl: CERTINFO never-ending busy-loop | curl | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.18 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | dirmngr | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2018-1000021 | git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages t | git | 1:2.17.1-1ubuntu0.7 | |
| LOW | CVE-2018-1000021 | git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages t | git-man | 1:2.17.1-1ubuntu0.7 | |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gnupg | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gnupg-l10n | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gnupg-utils | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpg | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpg-agent | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpg-wks-client | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpg-wks-server | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpgconf | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpgsm | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-13050 | GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack | gpgv | 2.2.4-1ubuntu1.3 | 2.2.4-1ubuntu1.5 |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libasn1-8-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libasn1-8-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2009-5155 | glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigg | libc-bin | 2.27-3ubuntu1.2 | |
| LOW | CVE-2015-8985 | glibc: potential denial of service in pop_fail_stack() | libc-bin | 2.27-3ubuntu1.2 | |
| LOW | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2016-20013 | libc-bin | 2.27-3ubuntu1.2 | ||
| LOW | CVE-2019-25013 | glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-29562 | glibc: assertion failure in iconv when converting invalid UCS4 | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-3326 | glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-35942 | glibc: Arbitrary read in wordexp() | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23218 | glibc: Stack-based buffer overflow in svcunix_create via long pathnames | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23219 | glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname | libc-bin | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2009-5155 | glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigg | libc6 | 2.27-3ubuntu1.2 | |
| LOW | CVE-2015-8985 | glibc: potential denial of service in pop_fail_stack() | libc6 | 2.27-3ubuntu1.2 | |
| LOW | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2016-20013 | libc6 | 2.27-3ubuntu1.2 | ||
| LOW | CVE-2019-25013 | glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-29562 | glibc: assertion failure in iconv when converting invalid UCS4 | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-3326 | glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-35942 | glibc: Arbitrary read in wordexp() | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23218 | glibc: Stack-based buffer overflow in svcunix_create via long pathnames | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23219 | glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname | libc6 | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-8284 | curl: FTP PASV command response can cause curl to connect to arbitrary host | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| LOW | CVE-2021-22898 | curl: TELNET stack contents disclosure | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| LOW | CVE-2022-27776 | curl: auth/cookie leak on redirect | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| LOW | CVE-2022-27781 | curl: CERTINFO never-ending busy-loop | libcurl3-gnutls | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.18 |
| LOW | CVE-2020-8284 | curl: FTP PASV command response can cause curl to connect to arbitrary host | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.12 |
| LOW | CVE-2021-22898 | curl: TELNET stack contents disclosure | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.14 |
| LOW | CVE-2022-27776 | curl: auth/cookie leak on redirect | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.17 |
| LOW | CVE-2022-27781 | curl: CERTINFO never-ending busy-loop | libcurl4 | 7.58.0-2ubuntu3.10 | 7.58.0-2ubuntu3.18 |
| LOW | CVE-2021-45960 | expat: Large number of prefixed XML attributes on a single tag can crash libexpat | libexpat1 | 2.2.5-3ubuntu0.2 | 2.2.5-3ubuntu0.4 |
| LOW | CVE-2021-33560 | libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channe | libgcrypt20 | 1.8.1-4ubuntu1.2 | 1.8.1-4ubuntu1.3 |
| LOW | CVE-2018-16868 | gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle veri | libgnutls30 | 3.5.18-1ubuntu1.4 | |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libgssapi3-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libgssapi3-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libhcrypto4-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libhcrypto4-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libheimbase1-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libheimbase1-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libheimntlm0-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libheimntlm0-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2018-16869 | nettle: Leaky data conversion exposing a manager oracle | libhogweed4 | 3.4-1 | 3.4.1-0ubuntu0.18.04.1 |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libhx509-5-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libhx509-5-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2020-21913 | icu: Use after free in pkg_createWithAssemblyCode function in tools/pkgdata/pkgdata.cpp | libicu60 | 60.2-3ubuntu3.1 | 60.2-3ubuntu3.2 |
| LOW | CVE-2019-11358 | jquery: Prototype pollution in object's prototype leading to denial of service, remote code executio | libjs-jquery | 3.2.1-1 | |
| LOW | CVE-2020-11023 | jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods | libjs-jquery | 3.2.1-1 | |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libkrb5-26-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libkrb5-26-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2019-17594 | ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libncurses5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17595 | ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libncurses5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2021-39537 | ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | libncurses5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2022-29458 | ncurses: segfaulting OOB read | libncurses5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17594 | ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libncursesw5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17595 | ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libncursesw5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2021-39537 | ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | libncursesw5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2022-29458 | ncurses: segfaulting OOB read | libncursesw5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2018-16869 | nettle: Leaky data conversion exposing a manager oracle | libnettle6 | 3.4-1 | 3.4.1-0ubuntu0.18.04.1 |
| LOW | CVE-2019-20454 | pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode | libpcre2-8-0 | 10.35-5+ubuntu18.04.1+deb.sury.org+1 | |
| LOW | CVE-2022-1586 | pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c | libpcre2-8-0 | 10.35-5+ubuntu18.04.1+deb.sury.org+1 | |
| LOW | CVE-2022-1587 | pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c | libpcre2-8-0 | 10.35-5+ubuntu18.04.1+deb.sury.org+1 | |
| LOW | CVE-2017-11164 | pcre: OP_KETRMAX feature in the match function in pcre_exec.c | libpcre3 | 2:8.39-9 | |
| LOW | CVE-2019-20838 | pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 | libpcre3 | 2:8.39-9 | 2:8.39-9ubuntu0.1 |
| LOW | CVE-2020-14155 | pcre: Integer overflow when parsing callout numeric arguments | libpcre3 | 2:8.39-9 | 2:8.39-9ubuntu0.1 |
| LOW | CVE-2020-10543 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | libperl5.26 | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-10878 | perl: corruption of intermediate language state of compiled regular expression due to integer overfl | libperl5.26 | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-12723 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_st | libperl5.26 | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | libpython2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | libpython2.7-stdlib | 2.7.17-1~18.04ubuntu1.2 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | libpython3.6 | 3.6.9-1~18.04ubuntu1.7 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | libpython3.6-minimal | 3.6.9-1~18.04ubuntu1.7 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | libpython3.6-stdlib | 3.6.9-1~18.04ubuntu1.7 | |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libroken18-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libroken18-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-36084 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.7-1 | 2.7-1ubuntu0.1 |
| LOW | CVE-2021-36085 | libsepol: use-after-free in __cil_verify_classperms() | libsepol1 | 2.7-1 | 2.7-1ubuntu0.1 |
| LOW | CVE-2021-36086 | libsepol: use-after-free in cil_reset_classpermission() | libsepol1 | 2.7-1 | 2.7-1ubuntu0.1 |
| LOW | CVE-2021-36087 | libsepol: heap-based buffer overflow in ebitmap_match_any() | libsepol1 | 2.7-1 | 2.7-1ubuntu0.1 |
| LOW | CVE-2020-9849 | libsqlite3-0 | 3.22.0-1ubuntu0.4 | ||
| LOW | CVE-2020-9991 | libsqlite3-0 | 3.22.0-1ubuntu0.4 | ||
| LOW | CVE-2021-36690 | ** DISPUTED ** A segmentation fault can occur in the sqlite3.exe comma ... | libsqlite3-0 | 3.22.0-1ubuntu0.4 | 3.22.0-1ubuntu0.5 |
| LOW | CVE-2021-23840 | openssl: integer overflow in CipherUpdate | libssl1.0-dev | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.6 |
| LOW | CVE-2021-23840 | openssl: integer overflow in CipherUpdate | libssl1.0.0 | 1.0.2n-1ubuntu5.4 | 1.0.2n-1ubuntu5.6 |
| LOW | CVE-2021-23840 | openssl: integer overflow in CipherUpdate | libssl1.1 | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.8 |
| LOW | CVE-2020-13529 | systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t | libsystemd0 | 237-3ubuntu10.42 | 237-3ubuntu10.49 |
| LOW | CVE-2019-17594 | ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | libtinfo5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17595 | ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | libtinfo5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2021-39537 | ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | libtinfo5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2022-29458 | ncurses: segfaulting OOB read | libtinfo5 | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2020-13529 | systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client t | libudev1 | 237-3ubuntu10.42 | 237-3ubuntu10.49 |
| LOW | CVE-2019-12098 | In the client side of Heimdal before 7.6.0, failure to verify anonymou ... | libwind0-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2021-3671 | samba: Null pointer dereference on missing sname in TGS-REQ | libwind0-heimdal | 7.5.0+dfsg-1 | |
| LOW | CVE-2019-20388 | libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.4 |
| LOW | CVE-2020-24977 | libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c | libxml2 | 2.9.4+dfsg1-6.1ubuntu1.3 | 2.9.4+dfsg1-6.1ubuntu1.4 |
| LOW | CVE-2015-9019 | libxslt: math.random() in xslt uses unseeded randomness | libxslt1.1 | 1.1.29-5ubuntu0.2 | |
| LOW | CVE-2009-5155 | glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigg | locales | 2.27-3ubuntu1.2 | |
| LOW | CVE-2015-8985 | glibc: potential denial of service in pop_fail_stack() | locales | 2.27-3ubuntu1.2 | |
| LOW | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2016-20013 | locales | 2.27-3ubuntu1.2 | ||
| LOW | CVE-2019-25013 | glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-29562 | glibc: assertion failure in iconv when converting invalid UCS4 | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-3326 | glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-35942 | glibc: Arbitrary read in wordexp() | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23218 | glibc: Stack-based buffer overflow in svcunix_create via long pathnames | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23219 | glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname | locales | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2013-4235 | shadow-utils: TOCTOU race conditions by copying and removing directory trees | login | 1:4.5-1ubuntu2 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | login | 1:4.5-1ubuntu2 | 1:4.5-1ubuntu2.2 |
| LOW | CVE-2009-5155 | glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigg | multiarch-support | 2.27-3ubuntu1.2 | |
| LOW | CVE-2015-8985 | glibc: potential denial of service in pop_fail_stack() | multiarch-support | 2.27-3ubuntu1.2 | |
| LOW | CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2016-20013 | multiarch-support | 2.27-3ubuntu1.2 | ||
| LOW | CVE-2019-25013 | glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR en | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-27618 | glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, wh | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-29562 | glibc: assertion failure in iconv when converting invalid UCS4 | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2020-6096 | glibc: signed comparison vulnerability in the ARMv7 memcpy function | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-3326 | glibc: Assertion failure in ISO-2022-JP-3 gconv module related to combining characters | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2021-35942 | glibc: Arbitrary read in wordexp() | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23218 | glibc: Stack-based buffer overflow in svcunix_create via long pathnames | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2022-23219 | glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname | multiarch-support | 2.27-3ubuntu1.2 | 2.27-3ubuntu1.5 |
| LOW | CVE-2019-17594 | ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | ncurses-base | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17595 | ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | ncurses-base | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2021-39537 | ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | ncurses-base | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2022-29458 | ncurses: segfaulting OOB read | ncurses-base | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17594 | ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c | ncurses-bin | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2019-17595 | ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c | ncurses-bin | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2021-39537 | ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c | ncurses-bin | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2022-29458 | ncurses: segfaulting OOB read | ncurses-bin | 6.1-1ubuntu1.18.04 | |
| LOW | CVE-2018-12123 | nodejs: Hostname spoofing in URL parser for javascript protocol | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| LOW | CVE-2018-7159 | nodejs: HTTP parser allowed for spaces inside Content-Length header values | nodejs | 8.10.0~dfsg-2ubuntu0.4 | |
| LOW | CVE-2018-12123 | nodejs: Hostname spoofing in URL parser for javascript protocol | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| LOW | CVE-2018-7159 | nodejs: HTTP parser allowed for spaces inside Content-Length header values | nodejs-dev | 8.10.0~dfsg-2ubuntu0.4 | |
| LOW | CVE-2018-12123 | nodejs: Hostname spoofing in URL parser for javascript protocol | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| LOW | CVE-2018-7159 | nodejs: HTTP parser allowed for spaces inside Content-Length header values | nodejs-doc | 8.10.0~dfsg-2ubuntu0.4 | |
| LOW | CVE-2020-14145 | openssh: Observable discrepancy leading to an information leak in the algorithm negotiation | openssh-client | 1:7.6p1-4ubuntu0.3 | |
| LOW | CVE-2021-41617 | openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configur | openssh-client | 1:7.6p1-4ubuntu0.3 | |
| LOW | CVE-2021-23840 | openssl: integer overflow in CipherUpdate | openssl | 1.1.1-1ubuntu2.1~18.04.6 | 1.1.1-1ubuntu2.1~18.04.8 |
| LOW | CVE-2013-4235 | shadow-utils: TOCTOU race conditions by copying and removing directory trees | passwd | 1:4.5-1ubuntu2 | |
| LOW | CVE-2018-7169 | shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing p | passwd | 1:4.5-1ubuntu2 | 1:4.5-1ubuntu2.2 |
| LOW | CVE-2020-10543 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-10878 | perl: corruption of intermediate language state of compiled regular expression due to integer overfl | perl | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-12723 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_st | perl | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-10543 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl-base | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-10878 | perl: corruption of intermediate language state of compiled regular expression due to integer overfl | perl-base | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-12723 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_st | perl-base | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-10543 | perl: heap-based buffer overflow in regular expression compiler leads to DoS | perl-modules-5.26 | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-10878 | perl: corruption of intermediate language state of compiled regular expression due to integer overfl | perl-modules-5.26 | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2020-12723 | perl: corruption of intermediate language state of compiled regular expression due to recursive S_st | perl-modules-5.26 | 5.26.1-6ubuntu0.3 | 5.26.1-6ubuntu0.5 |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | python2.7 | 2.7.17-1~18.04ubuntu1.2 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | python2.7-minimal | 2.7.17-1~18.04ubuntu1.2 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | python3.6 | 3.6.9-1~18.04ubuntu1.7 | |
| LOW | CVE-2015-20107 | python(mailcap): findmatch() function does not sanitise the second argument | python3.6-minimal | 3.6.9-1~18.04ubuntu1.7 | |
| LOW | CVE-2018-20482 | tar: Infinite read loop in sparse_dump_region function in sparse.c | tar | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.2 |
| LOW | CVE-2019-9923 | tar: null-pointer dereference in pax_decode_header in sparse.c | tar | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.2 |
| LOW | CVE-2021-20193 | tar: Memory leak in read_header() in list.c | tar | 1.29b-2ubuntu0.1 | 1.29b-2ubuntu0.3 |
| LOW | CVE-2021-4217 | unzip: Null pointer dereference in Unicode strings code | unzip | 6.0-21ubuntu1.1 | |
| LOW | CVE-2022-0530 | unzip: SIGSEGV during the conversion of an utf-8 string to a local string | unzip | 6.0-21ubuntu1.1 | |
| LOW | CVE-2021-3973 | vim: Heap based buffer overflow in findfile.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3974 | vim: Use after free in regexp_nfa.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-4193 | vim: out-of-bound read in getvcol() | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0443 | vim: heap-use-after-free in enter_buffer() of src/buffer.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0729 | vim: Use of Out-of-range Pointer Offset | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1733 | vim: Heap-based Buffer Overflow in cindent.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1735 | vim: changing text in visual mode may cause invalid memory access that lead to a heap buffer overflo | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1785 | vim: Out-of-bounds Write | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1796 | vim: Use After Free | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1898 | vim: use-after-free in find_pattern_in_path() in search.c | vim | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3973 | vim: Heap based buffer overflow in findfile.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3974 | vim: Use after free in regexp_nfa.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-4193 | vim: out-of-bound read in getvcol() | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0443 | vim: heap-use-after-free in enter_buffer() of src/buffer.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0729 | vim: Use of Out-of-range Pointer Offset | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1733 | vim: Heap-based Buffer Overflow in cindent.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1735 | vim: changing text in visual mode may cause invalid memory access that lead to a heap buffer overflo | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1785 | vim: Out-of-bounds Write | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1796 | vim: Use After Free | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1898 | vim: use-after-free in find_pattern_in_path() in search.c | vim-common | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3973 | vim: Heap based buffer overflow in findfile.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3974 | vim: Use after free in regexp_nfa.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-4193 | vim: out-of-bound read in getvcol() | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0443 | vim: heap-use-after-free in enter_buffer() of src/buffer.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0729 | vim: Use of Out-of-range Pointer Offset | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1733 | vim: Heap-based Buffer Overflow in cindent.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1735 | vim: changing text in visual mode may cause invalid memory access that lead to a heap buffer overflo | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1785 | vim: Out-of-bounds Write | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1796 | vim: Use After Free | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1898 | vim: use-after-free in find_pattern_in_path() in search.c | vim-runtime | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3973 | vim: Heap based buffer overflow in findfile.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-3974 | vim: Use after free in regexp_nfa.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2021-4193 | vim: out-of-bound read in getvcol() | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0443 | vim: heap-use-after-free in enter_buffer() of src/buffer.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-0729 | vim: Use of Out-of-range Pointer Offset | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1733 | vim: Heap-based Buffer Overflow in cindent.c | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1735 | vim: changing text in visual mode may cause invalid memory access that lead to a heap buffer overflo | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1785 | vim: Out-of-bounds Write | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1796 | vim: Use After Free | xxd | 2:8.0.1453-1ubuntu1.8 | |
| LOW | CVE-2022-1898 | vim: use-after-free in find_pattern_in_path() in search.c | xxd | 2:8.0.1453-1ubuntu1.8 |
Date: 2022-07-05