Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 5 of 5 results


CVE-2024-43370

Medium priority
Needs evaluation

gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround,...

1 affected packages

gettext.js

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gettext.js Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2015-8980

Medium priority

Some fixes available 2 of 6

The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.

1 affected packages

php-gettext

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
php-gettext Not affected Not in release Not affected Fixed
Show less packages

CVE-2018-18751

Medium priority
Fixed

An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.

1 affected packages

gettext

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gettext Fixed Fixed
Show less packages

CVE-2016-6175

Medium priority
Vulnerable

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.

1 affected packages

php-gettext

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
php-gettext Not affected Not affected Not in release Vulnerable Vulnerable
Show less packages

CVE-2004-0966

Unknown priority
Fixed

The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink...

1 affected packages

gettext

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gettext
Show less packages