
Search CVE reports



61 – 70 of 429 results


CVE-2021-43172

Low priority
Needs evaluation

NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. In RPKI, a CA can choose the RRDP repository it wishes to publish its data in. By...

3 affected packages

cfrpki, fort-validator, rpki-client

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
cfrpki Not in release Needs evaluation Ignored
fort-validator Needs evaluation Needs evaluation Needs evaluation Ignored
rpki-client Not affected Not affected Ignored

CVE-2021-43114

Medium priority
Needs evaluation

FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.

1 affected package

fort-validator

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fort-validator Not affected Not affected Needs evaluation Ignored

CVE-2021-3765

Medium priority
Needs evaluation

validator.js is vulnerable to Inefficient Regular Expression Complexity

1 affected package

validator.js

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
validator.js Needs evaluation Needs evaluation

CVE-2021-40347

Medium priority
Fixed

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address...

1 affected package

postorius

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
postorius Fixed Fixed Fixed Ignored

CVE-2021-38385

Medium priority

Some fixes available 3 of 5

Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.

1 affected package

tor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tor Not affected Not affected Fixed Fixed Fixed

CVE-2021-37695

Medium priority

Some fixes available 4 of 37

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ckeditor Not affected Not affected Fixed Fixed Fixed
ckeditor3 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
ldap-account-manager Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
request-tracker4 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-32809

Medium priority

Some fixes available 4 of 5

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to...

1 affected package

ckeditor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ckeditor Not affected Fixed Fixed Fixed

CVE-2021-32808

Medium priority

Some fixes available 1 of 2

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse...

1 affected package

ckeditor

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ckeditor Not affected Not affected Not affected Not affected

CVE-2021-32440

Medium priority
Needs evaluation

The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

2 affected packages

ccextractor, gpac

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ccextractor Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
gpac Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-32439

Medium priority
Needs evaluation

Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

2 affected packages

ccextractor, gpac

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ccextractor Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
gpac Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation