Search CVE reports
81 – 90 of 33202 results
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 24.04 LTS |
|---|---|
| webkitgtk | Not in release |
| webkit2gtk | Vulnerable |
| qtwebkit-source | Not in release |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | Not in release |
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 24.04 LTS |
|---|---|
| webkitgtk | Not in release |
| webkit2gtk | Vulnerable |
| qtwebkit-source | Not in release |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | Not in release |
Not in release
A testdata data-source can be used to trigger out-of-memory crashes in Grafana.
1 affected package
grafana
| Package | 24.04 LTS |
|---|---|
| grafana | Not in release |
A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates...
1 affected package
undertow
| Package | 24.04 LTS |
|---|---|
| undertow | Needs evaluation |
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header...
1 affected package
undertow
| Package | 24.04 LTS |
|---|---|
| undertow | Needs evaluation |
A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache...
1 affected package
undertow
| Package | 24.04 LTS |
|---|---|
| undertow | Needs evaluation |
Not in release
The OpenFeature feature toggle evaluation endpoint reads unbounded values into memory, which can cause out-of-memory crashes.
1 affected package
grafana
| Package | 24.04 LTS |
|---|---|
| grafana | Not in release |
Not in release
A resample query can be used to trigger out-of-memory crashes in Grafana.
1 affected package
grafana
| Package | 24.04 LTS |
|---|---|
| grafana | Not in release |
Not in release
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to...
1 affected package
grafana
| Package | 24.04 LTS |
|---|---|
| grafana | Not in release |
Not in release
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid...
1 affected package
grafana
| Package | 24.04 LTS |
|---|---|
| grafana | Not in release |