CVE reports

The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed.

Canonical also produces Open Vulnerability and Assessment Language (OVAL) data, which is machine-readable, to enable auditing for CVEs and to determine whether a particular patch, via an Ubuntu Security Notice (USN), is appropriate for the local system.

Search

CVE ID or description contains:

Package:

Priority:

Ubuntu version

Status

Recent CVEs affecting Ubuntu

ID	Priority	Package	14.04 ESM	16.04 ESM	18.04 ESM	20.04 LTS	22.04 LTS	23.04	23.10
CVE-2023-5170	medium	firefox	Ignored	Ignored	Ignored	Released	Needs triage	Needs triage	—
		thunderbird	Ignored	Ignored	Ignored	Needed	Needed	Needed	—
		mozjs38	Does not exist	Does not exist	Needs triage	Does not exist	Does not exist	Does not exist	—
		mozjs52	Does not exist	Does not exist	Needs triage	Needs triage	Does not exist	Does not exist	—
		mozjs68	Does not exist	Does not exist	Does not exist	Needs triage	Does not exist	Does not exist	—
		mozjs78	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Needs triage	—
		mozjs91	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Does not exist	—
		mozjs102	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Needs triage	—
CVE-2023-5169	medium	firefox	Ignored	Ignored	Ignored	Released	Needs triage	Needs triage	—
		thunderbird	Ignored	Ignored	Ignored	Released	Released	Released	—
		mozjs38	Does not exist	Does not exist	Needs triage	Does not exist	Does not exist	Does not exist	—
		mozjs52	Does not exist	Does not exist	Needs triage	Needs triage	Does not exist	Does not exist	—
		mozjs68	Does not exist	Does not exist	Does not exist	Needs triage	Does not exist	Does not exist	—
		mozjs78	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Needs triage	—
		mozjs91	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Does not exist	—
		mozjs102	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Needs triage	—
CVE-2023-5168	medium	firefox	Ignored	Ignored	Ignored	Needs triage	Needs triage	Needs triage	—
		thunderbird	Ignored	Ignored	Ignored	Needs triage	Needs triage	Needs triage	—
		mozjs38	Does not exist	Does not exist	Needs triage	Does not exist	Does not exist	Does not exist	—
		mozjs52	Does not exist	Does not exist	Needs triage	Needs triage	Does not exist	Does not exist	—
		mozjs68	Does not exist	Does not exist	Does not exist	Needs triage	Does not exist	Does not exist	—
		mozjs78	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Needs triage	—
		mozjs91	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Does not exist	—
		mozjs102	Does not exist	Does not exist	Does not exist	Does not exist	Needs triage	Needs triage	—
CVE-2023-42822	medium	xrdp	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-42756	high	linux	Not vulnerable	Not vulnerable	Not vulnerable	Needed	Needed	Needed	—
		linux-hwe	Does not exist	Not vulnerable	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-hwe-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-hwe-5.8	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-hwe-5.11	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-hwe-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-hwe-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
		linux-hwe-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
		linux-hwe-6.2	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
		linux-hwe-edge	Does not exist	Ignored	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-lts-xenial	Not vulnerable	Does not exist	Does not exist	Does not exist	Does not exist	Does not exist	—
		linux-kvm	Does not exist	Not vulnerable	Not vulnerable	Needed	Needed	Needed	—
		linux-allwinner	Does not exist	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	—
		linux-allwinner-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
		linux-aws	Not vulnerable	Not vulnerable	Not vulnerable	Needed	Needed	Needed	—
		linux-aws-5.0	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-aws-5.3	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-aws-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-aws-5.8	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-aws-5.11	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-aws-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-aws-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
		linux-aws-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
		linux-aws-6.2	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
		linux-aws-hwe	Does not exist	Not vulnerable	Does not exist	Does not exist	Does not exist	Does not exist	—
		linux-azure	Not vulnerable	Not vulnerable	Ignored	Needed	Needed	Needed	—
		linux-azure-4.15	Does not exist	Does not exist	Not vulnerable	Does not exist	Does not exist	Does not exist	—
		linux-azure-5.3	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-azure-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-azure-5.8	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-azure-5.11	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-azure-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-azure-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
		linux-azure-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
		linux-azure-6.2	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
		linux-azure-fde	Does not exist	Does not exist	Does not exist	Ignored	Needed	Does not exist	—
		linux-azure-fde-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
		linux-azure-fde-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
		linux-azure-fde-6.2	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
		linux-bluefield	Does not exist	Does not exist	Does not exist	Needed	Needed	Does not exist	—
		linux-dell300x	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-azure-edge	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-fips	Ignored	Ignored	Does not exist	Does not exist	Does not exist	Does not exist	—
		linux-gcp	Does not exist	Not vulnerable	Ignored	Needed	Needed	Needed	—
		linux-gcp-4.15	Does not exist	Does not exist	Not vulnerable	Does not exist	Does not exist	Does not exist	—
		linux-gcp-5.3	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gcp-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gcp-5.8	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-gcp-5.11	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-gcp-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-gcp-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
		linux-gcp-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
		linux-gcp-6.2	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
		linux-gke	Does not exist	Ignored	Does not exist	Ignored	Needed	Does not exist	—
		linux-gke-4.15	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gke-5.0	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gke-5.3	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gke-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gke-5.15	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
		linux-gkeop	Does not exist	Does not exist	Does not exist	Needed	Needed	Does not exist	—
		linux-gkeop-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
		linux-gkeop-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
		linux-ibm	Does not exist	Does not exist	Does not exist	Needed	Needed	Ignored	—
		linux-ibm-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-ibm-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
linux-intel-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-intel-iotg	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
linux-intel-iotg-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
linux-iot	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
linux-lowlatency	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Needed	—
linux-lowlatency-hwe-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
linux-lowlatency-hwe-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
linux-lowlatency-hwe-6.2	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
linux-nvidia	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
linux-oracle	Does not exist	Not vulnerable	Not vulnerable	Needed	Needed	Needed	—
linux-oracle-5.0	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-oracle-5.3	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-oracle-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-oracle-5.8	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oracle-5.11	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oracle-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oracle-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
linux-oem	Does not exist	Ignored	Ignored	Does not exist	Does not exist	Does not exist	—
linux-oem-5.6	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oem-5.10	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oem-5.13	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oem-5.14	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-oem-5.17	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
linux-oem-6.0	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
linux-oem-6.1	Does not exist	Does not exist	Does not exist	Does not exist	Needed	Does not exist	—
linux-oem-osp1	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-raspi	Does not exist	Does not exist	Does not exist	Needed	Needed	Needed	—
linux-raspi2	Does not exist	Ignored	Ignored	Ignored	Does not exist	Does not exist	—
linux-raspi2-5.3	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-raspi-5.4	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	Does not exist	—
linux-riscv	Does not exist	Does not exist	Does not exist	Ignored	Ignored	Needed	—
linux-riscv-5.8	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-riscv-5.11	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	Does not exist	—
linux-riscv-5.15	Does not exist	Does not exist	Does not exist	Needed	Does not exist	Does not exist	—
linux-riscv-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
linux-snapdragon	Does not exist	Ignored	Ignored	Does not exist	Does not exist	Does not exist	—
linux-starfive	Does not exist	Does not exist	Does not exist	Does not exist	Does not exist	Needed	—
linux-starfive-5.19	Does not exist	Does not exist	Does not exist	Does not exist	Ignored	Does not exist	—
linux-xilinx-zynqmp	Does not exist	Does not exist	Does not exist	Needed	Ignored	Does not exist	—
CVE-2023-42119	medium	exim4	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-42118	medium	exim4	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-42117	medium	exim4	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-42116	medium	exim4	Needed	Needed	Needed	Needed	Needed	Needed	—
CVE-2023-42115	medium	exim4	Not vulnerable	Not vulnerable	Not vulnerable	Needed	Needed	Needed	—
CVE-2023-42114	medium	exim4	Needed	Needed	Needed	Needed	Needed	Needed	—
CVE-2023-41993	medium	webkitgtk	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		webkit2gtk	Does not exist	Ignored	Ignored	Ignored	Needs triage	Needs triage	—
		qtwebkit-source	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		qtwebkit-opensource-src	Ignored	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
		wpewebkit	Ignored	Ignored	Ignored	Needs triage	Needs triage	Does not exist	—
CVE-2023-41074	medium	webkitgtk	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		webkit2gtk	Does not exist	Ignored	Ignored	Ignored	Needs triage	Needs triage	—
		qtwebkit-source	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		qtwebkit-opensource-src	Ignored	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
		wpewebkit	Ignored	Ignored	Ignored	Needs triage	Needs triage	Does not exist	—
CVE-2023-40476	medium	gst-plugins-bad0.10	Needs triage	Ignored	Ignored	Does not exist	Does not exist	Does not exist	—
CVE-2023-40476	medium	gst-plugins-bad1.0	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-40475	medium	gst-plugins-bad0.10	Needs triage	Ignored	Ignored	Does not exist	Does not exist	Does not exist	—
CVE-2023-40475	medium	gst-plugins-bad1.0	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-40474	medium	gst-plugins-bad0.10	Needs triage	Ignored	Ignored	Does not exist	Does not exist	Does not exist	—
CVE-2023-40474	medium	gst-plugins-bad1.0	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
CVE-2023-40451	medium	webkitgtk	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		webkit2gtk	Does not exist	Ignored	Ignored	Ignored	Needs triage	Needs triage	—
		qtwebkit-source	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		qtwebkit-opensource-src	Ignored	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
		wpewebkit	Ignored	Ignored	Ignored	Needs triage	Needs triage	Does not exist	—
CVE-2023-39928	medium	webkitgtk	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		webkit2gtk	Does not exist	Ignored	Ignored	Ignored	Needs triage	Needs triage	—
		qtwebkit-source	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		qtwebkit-opensource-src	Ignored	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
		wpewebkit	Ignored	Ignored	Ignored	Needs triage	Needs triage	Does not exist	—
CVE-2023-39434	medium	webkitgtk	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		webkit2gtk	Does not exist	Ignored	Ignored	Ignored	Needs triage	Needs triage	—
		qtwebkit-source	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		qtwebkit-opensource-src	Ignored	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
		wpewebkit	Ignored	Ignored	Ignored	Needs triage	Needs triage	Does not exist	—
CVE-2023-35074	medium	webkitgtk	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		webkit2gtk	Does not exist	Ignored	Ignored	Ignored	Needs triage	Needs triage	—
		qtwebkit-source	Ignored	Needs triage	Needs triage	Does not exist	Does not exist	Does not exist	—
		qtwebkit-opensource-src	Ignored	Needs triage	Needs triage	Needs triage	Needs triage	Needs triage	—
		wpewebkit	Ignored	Ignored	Ignored	Needs triage	Needs triage	Does not exist	—

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

CVE reports

Search

Recent CVEs affecting Ubuntu

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading