CVE reports
The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed.
Canonical also produces Open Vulnerability and Assessment Language (OVAL) data, which is machine-readable, to enable auditing for CVEs and to determine whether a particular patch, via an Ubuntu Security Notice (USN), is appropriate for the local system.
Search
Recent CVEs affecting Ubuntu
| ID | Priority | Package |
14.04 ESM
|
16.04 ESM
|
18.04 LTS
|
20.04 LTS
|
22.04 LTS
|
22.10
|
|---|---|---|---|---|---|---|---|---|
| CVE-2023-21884 |
medium
|
virtualbox |
Ignored
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
| CVE-2023-21843 |
low
|
openjdk-8 |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
| icedtea-web |
Ignored
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-9 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| openjdk-lts |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-13 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| openjdk-16 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| openjdk-17 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-18 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| openjdk-19 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| openjdk-21 |
Ignored
|
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-21835 |
medium
|
openjdk-8 |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
| icedtea-web |
Ignored
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-9 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| openjdk-lts |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-13 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| openjdk-16 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| openjdk-17 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-18 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| openjdk-19 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| openjdk-21 |
Ignored
|
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-21830 |
medium
|
openjdk-8 |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
| icedtea-web |
Ignored
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-9 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| openjdk-lts |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-13 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| openjdk-16 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| openjdk-17 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
||
| openjdk-18 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| openjdk-19 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| openjdk-21 |
Ignored
|
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-23606 |
medium
|
mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
||
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-23605 |
medium
|
firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-23604 |
medium
|
firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-23603 |
medium
|
firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-23602 |
medium
|
mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
||
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| CVE-2023-23601 |
medium
|
firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-23600 |
medium
|
firefox |
Ignored
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-23599 |
medium
|
firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-23598 |
medium
|
mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
||
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| CVE-2023-23597 |
medium
|
firefox |
Ignored
|
Needs triage
|
Released
|
Released
|
Needs triage
|
Needs triage
|
| thunderbird |
Ignored
|
Needed
|
Needed
|
Needed
|
Needed
|
Needed
|
||
| mozjs38 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mozjs52 |
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs68 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mozjs78 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| mozjs91 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
||
| CVE-2023-22809 |
medium
|
sudo |
Needed
|
Released
|
Released
|
Released
|
Released
|
Released
|
| CVE-2023-21887 |
medium
|
mysql-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
| mysql-5.6 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-5.7 |
Does not exist
|
Not vulnerable
|
Not vulnerable
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-8.0 |
Does not exist
|
Does not exist
|
Does not exist
|
Released
|
Released
|
Released
|
||
| mariadb-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.0 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.1 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.3 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mariadb-10.6 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| percona-xtradb-cluster-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-xtradb-cluster-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-server-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-21883 |
medium
|
mysql-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
| mysql-5.6 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-5.7 |
Does not exist
|
Not vulnerable
|
Not vulnerable
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-8.0 |
Does not exist
|
Does not exist
|
Does not exist
|
Released
|
Released
|
Released
|
||
| mariadb-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.0 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.1 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.3 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mariadb-10.6 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| percona-xtradb-cluster-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-xtradb-cluster-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-server-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-21882 |
medium
|
mysql-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
| mysql-5.6 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-5.7 |
Does not exist
|
Not vulnerable
|
Not vulnerable
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-8.0 |
Does not exist
|
Does not exist
|
Does not exist
|
Released
|
Released
|
Released
|
||
| mariadb-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.0 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.1 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.3 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mariadb-10.6 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| percona-xtradb-cluster-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-xtradb-cluster-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-server-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-21881 |
medium
|
mysql-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
| mysql-5.6 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-5.7 |
Does not exist
|
Not vulnerable
|
Not vulnerable
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-8.0 |
Does not exist
|
Does not exist
|
Does not exist
|
Released
|
Released
|
Released
|
||
| mariadb-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.0 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.1 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.3 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mariadb-10.6 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| percona-xtradb-cluster-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-xtradb-cluster-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-server-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| CVE-2023-21880 |
medium
|
mysql-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
| mysql-5.6 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-5.7 |
Does not exist
|
Not vulnerable
|
Not vulnerable
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mysql-8.0 |
Does not exist
|
Does not exist
|
Does not exist
|
Released
|
Released
|
Released
|
||
| mariadb-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.0 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.1 |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| mariadb-10.3 |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
||
| mariadb-10.6 |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
Needs triage
|
||
| percona-xtradb-cluster-5.5 |
Ignored
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-xtradb-cluster-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
||
| percona-server-5.6 |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|