Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 3 of 3 results

CVE-2022-31129

Medium priority

Some fixes available 4 of 82

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment...

11 affected packages

gnucash, mediawiki, node-moment, ntopng, odoo...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnucash Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mediawiki Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
node-moment Not affected Fixed Fixed Fixed Needs evaluation
ntopng Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
odoo Needs evaluation Needs evaluation Not in release Not in release Not in release
omnidb Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
postfixadmin Vulnerable Fixed Not affected Not affected Not affected
ruby-momentjs-rails Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
sabnzbdplus Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
syncthing Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
wordpress Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 11 packages Show less packages

CVE-2010-3999

Low priority
Ignored

gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

1 affected packages

gnucash

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnucash
Show less packages

CVE-2007-0007

Unknown priority
Ignored

gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files.

1 affected packages

gnucash

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gnucash
Show less packages