Search CVE reports
1 – 3 of 3 results
CVE-2022-31129
Medium prioritySome fixes available 4 of 92
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment...
11 affected packages
gnucash, mediawiki, node-moment, ntopng, odoo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnucash | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
mediawiki | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
node-moment | Not affected | Fixed | Fixed | Fixed | Needs evaluation |
ntopng | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
odoo | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
omnidb | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
postfixadmin | Vulnerable | Fixed | Not affected | Not affected | Not affected |
ruby-momentjs-rails | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
sabnzbdplus | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
syncthing | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
wordpress | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2010-3999
Low prioritygnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
1 affected package
gnucash
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnucash | — | — | — | — | — |
CVE-2007-0007
Unknown prioritygnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files.
1 affected package
gnucash
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gnucash | — | — | — | — | — |