Search CVE reports
71 – 80 of 41181 results
Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version...
1 affected package
apache2
| Package | 20.04 LTS |
|---|---|
| apache2 | Needs evaluation |
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through...
1 affected package
apache2
| Package | 20.04 LTS |
|---|---|
| apache2 | Needs evaluation |
Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.
1 affected package
apache2
| Package | 20.04 LTS |
|---|---|
| apache2 | Needs evaluation |
Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email()
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |
FFC-DH Peer Validation Uses Attacker-Supplied q
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |
Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |
Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |
NULL Pointer Dereference in CRMF EncryptedValue Decryption
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |
Some fixes available 1 of 2
Possible NULL Dereference in Password-Based CMS Decryption
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Fixed |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Needs evaluation |
NULL Dereference in Certificate Verification with OCSP Checking
5 affected packages
openssl, openssl-fips, openssl1.0, nodejs, edk2
| Package | 20.04 LTS |
|---|---|
| openssl | Not affected |
| openssl-fips | — |
| openssl1.0 | — |
| nodejs | Not affected |
| edk2 | Not affected |