Search CVE reports
1 – 2 of 2 results
CVE-2021-46143
Medium prioritySome fixes available 24 of 293
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
50 affected packages
apache2, apr-util, astropy, audacity, ayttm...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
astropy | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
audacity | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ayttm | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
cableswig | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coda | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
coin3 | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |
emboss | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
expat | Fixed | Fixed | Fixed | Fixed | Fixed |
firefox | Fixed | Fixed | Fixed | Fixed | Ignored |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
harp | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
ibm-3270 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Needs evaluation |
insighttoolkit5 | Needs evaluation | Needs evaluation | — | — | Ignored |
libsynthesis | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libxmltok | Vulnerable | Fixed | Fixed | Fixed | Fixed |
mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
matanza | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
opencollada | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
paraview | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
poco | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
python2.7 | Not in release | Not affected | Not affected | Not affected | Not affected |
python3.10 | Not in release | Not affected | Not in release | Not in release | Not in release |
python3.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
python3.5 | Not in release | Not in release | Not in release | Not in release | Not affected |
python3.6 | Not in release | Not in release | Not in release | Not affected | Not in release |
python3.7 | Not in release | Not in release | Not in release | Not affected | Not in release |
python3.8 | Not in release | Not in release | Not affected | Not affected | Not in release |
python3.9 | Not in release | Not in release | Not affected | Not in release | Not in release |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
sitecopy | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
thunderbird | Not affected | Not affected | Not affected | Ignored | Ignored |
tla | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
visp | Needs evaluation | Needs evaluation | — | Needs evaluation | Needs evaluation |
vnc4 | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
vtk | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xmlrpc | — | — | — | — | Ignored |
xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xsd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2012-5662
Medium priorityx3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL...
1 affected packages
ibm-3270
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ibm-3270 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Not affected |