Search CVE reports
911 – 920 of 37643 results
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation....
12 affected packages
python2.7, python3.4, python3.5, python3.6, python3.7...
| Package | 22.04 LTS |
|---|---|
| python2.7 | Needs evaluation |
| python3.4 | Not in release |
| python3.5 | Not in release |
| python3.6 | Not in release |
| python3.7 | Not in release |
| python3.8 | Not in release |
| python3.9 | Not in release |
| python3.10 | Needs evaluation |
| python3.11 | Needs evaluation |
| python3.12 | Not in release |
| python3.13 | Not in release |
| python3.14 | Not in release |
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib Python library concerning the validation of OpenID Connect (OIDC) ID...
1 affected package
python-authlib
| Package | 22.04 LTS |
|---|---|
| python-authlib | Needs evaluation |
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a cryptographic padding oracle vulnerability was identified in the Authlib Python library concerning the implementation of the JSON...
1 affected package
python-authlib
| Package | 22.04 LTS |
|---|---|
| python-authlib | Needs evaluation |
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a JWK Header Injection vulnerability in authlib's JWS implementation allows an unauthenticated attacker to forge arbitrary JWT...
1 affected package
python-authlib
| Package | 22.04 LTS |
|---|---|
| python-authlib | Needs evaluation |
An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute
1 affected package
gobgp
| Package | 22.04 LTS |
|---|---|
| gobgp | Needs evaluation |
A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the...
1 affected package
gpac
| Package | 22.04 LTS |
|---|---|
| gpac | Needs evaluation |
Not in release
A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The...
1 affected package
radare2
| Package | 22.04 LTS |
|---|---|
| radare2 | Not in release |
A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially...
1 affected package
binutils
| Package | 22.04 LTS |
|---|---|
| binutils | Needs evaluation |
A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a...
1 affected package
binutils
| Package | 22.04 LTS |
|---|---|
| binutils | Needs evaluation |
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
23 affected packages
expat, coin3, apache2, apr-util, cmake...
| Package | 22.04 LTS |
|---|---|
| expat | Needs evaluation |
| coin3 | Not affected |
| apache2 | Not affected |
| apr-util | Not affected |
| cmake | Not affected |
| ghostscript | Not affected |
| texlive-bin | Not affected |
| xmlrpc-c | Needs evaluation |
| vnc4 | Not in release |
| wbxml2 | Needs evaluation |
| swish-e | Needs evaluation |
| insighttoolkit4 | Needs evaluation |
| cadaver | Needs evaluation |
| gdcm | Not affected |
| ayttm | Not in release |
| cableswig | Not in release |
| matanza | Ignored |
| tdom | Needs evaluation |
| vtk | Not in release |
| smart | Not in release |
| firefox | Not affected |
| thunderbird | Not affected |
| libxmltok | Needs evaluation |