Search CVE reports
261 – 270 of 33329 results
A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is...
1 affected package
discount
| Package | 24.04 LTS |
|---|---|
| discount | Needs evaluation |
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the `crun exec` option `-u` (`--user`) is incorrectly parsed. The value `1` is interpreted as UID 0 and GID 0 when it should have...
1 affected package
crun
| Package | 24.04 LTS |
|---|---|
| crun | Needs evaluation |
Not in release
[Unknown description]
1 affected package
dnf5
| Package | 24.04 LTS |
|---|---|
| dnf5 | Not in release |
Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable...
2 affected packages
squid, squid3
| Package | 24.04 LTS |
|---|---|
| squid | Needs evaluation |
| squid3 | Not in release |
Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of...
2 affected packages
squid, squid3
| Package | 24.04 LTS |
|---|---|
| squid | Needs evaluation |
| squid3 | Not in release |
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This...
2 affected packages
squid, squid3
| Package | 24.04 LTS |
|---|---|
| squid | Needs evaluation |
| squid3 | Not in release |
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary...
1 affected package
libplack-middleware-session-perl
| Package | 24.04 LTS |
|---|---|
| libplack-middleware-session-perl | Not affected |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.11.0 and prior to versions 2.11.15 and 2.12.6, a valid client which uses message tracing headers can indicate...
1 affected package
nats-server
| Package | 24.04 LTS |
|---|---|
| nats-server | Needs evaluation |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with `verify_and_map` to derive a NATS identity from the...
1 affected package
nats-server
| Package | 24.04 LTS |
|---|---|
| nats-server | Needs evaluation |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, the NATS message header `Nats-Request-Info:` is supposed to be a guarantee of identity by the...
1 affected package
nats-server
| Package | 24.04 LTS |
|---|---|
| nats-server | Needs evaluation |