Vulnerabilities |
67 via 269 paths |
---|---|
Dependencies |
419 |
Source |
Docker |
Target OS |
ubuntu:20.04 |
medium severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9, imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6.q16@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-arch-config@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6-extra@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
Remediation
There is no fixed version for Ubuntu:20.04
imagemagick
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-34152
- https://access.redhat.com/security/cve/CVE-2023-34152
- https://bugzilla.redhat.com/show_bug.cgi?id=2210659
- https://github.com/ImageMagick/ImageMagick/issues/6339
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/
medium severity
- Vulnerable module: gdk-pixbuf/gir1.2-gdkpixbuf-2.0
- Introduced through: gdk-pixbuf/gir1.2-gdkpixbuf-2.0@2.40.0+dfsg-3ubuntu0.4, gdk-pixbuf/libgdk-pixbuf2.0-0@2.40.0+dfsg-3ubuntu0.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › gdk-pixbuf/gir1.2-gdkpixbuf-2.0@2.40.0+dfsg-3ubuntu0.4
-
Introduced through: buildpack-deps@20.04 › gdk-pixbuf/libgdk-pixbuf2.0-0@2.40.0+dfsg-3ubuntu0.4
-
Introduced through: buildpack-deps@20.04 › gdk-pixbuf/libgdk-pixbuf2.0-bin@2.40.0+dfsg-3ubuntu0.4
-
Introduced through: buildpack-deps@20.04 › gdk-pixbuf/libgdk-pixbuf2.0-common@2.40.0+dfsg-3ubuntu0.4
-
Introduced through: buildpack-deps@20.04 › gdk-pixbuf/libgdk-pixbuf2.0-dev@2.40.0+dfsg-3ubuntu0.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream gdk-pixbuf
package and not the gdk-pixbuf
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or code execution attack. This occurs in gdk_pixbuf_set_option() in gdk-pixbuf.c.
Remediation
There is no fixed version for Ubuntu:20.04
gdk-pixbuf
.
References
medium severity
- Vulnerable module: python2.7
- Introduced through: python2.7@2.7.18-1~20.04.4, python2.7/libpython2.7-minimal@2.7.18-1~20.04.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › python2.7@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-minimal@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-stdlib@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/python2.7-minimal@2.7.18-1~20.04.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream python2.7
package and not the python2.7
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.
Remediation
There is no fixed version for Ubuntu:20.04
python2.7
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-0391
- https://bugs.python.org/issue43882
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
- https://security.netapp.com/advisory/ntap-20220225-0009/
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://security.gentoo.org/glsa/202305-02
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/
medium severity
- Vulnerable module: python2.7
- Introduced through: python2.7@2.7.18-1~20.04.4, python2.7/libpython2.7-minimal@2.7.18-1~20.04.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › python2.7@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-minimal@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-stdlib@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/python2.7-minimal@2.7.18-1~20.04.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream python2.7
package and not the python2.7
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
Remediation
There is no fixed version for Ubuntu:20.04
python2.7
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-24329
- https://github.com/python/cpython/pull/99421
- https://pointernull.com/security/python-url-parse-problem.html
- https://security.netapp.com/advisory/ntap-20230324-0004/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/
- https://github.com/python/cpython/issues/102153
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/
- https://www.kb.cert.org/vuls/id/127587
- https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/
medium severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9, imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6.q16@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-arch-config@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6-extra@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.
Remediation
There is no fixed version for Ubuntu:20.04
imagemagick
.
References
medium severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:8.2p1-4ubuntu0.11
Detailed paths
-
Introduced through: buildpack-deps@20.04 › openssh/openssh-client@1:8.2p1-4ubuntu0.11
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim co-location in which the attacker has user privileges.
Remediation
There is no fixed version for Ubuntu:20.04
openssh
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-51767
- https://arxiv.org/abs/2309.02545
- https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/auth-passwd.c#L77
- https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/monitor.c#L878
- https://access.redhat.com/security/cve/CVE-2023-51767
- https://bugzilla.redhat.com/show_bug.cgi?id=2255850
- https://ubuntu.com/security/CVE-2023-51767
- https://security.netapp.com/advisory/ntap-20240125-0006/
medium severity
- Vulnerable module: pixman/libpixman-1-0
- Introduced through: pixman/libpixman-1-0@0.38.4-0ubuntu2.1 and pixman/libpixman-1-dev@0.38.4-0ubuntu2.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › pixman/libpixman-1-0@0.38.4-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › pixman/libpixman-1-dev@0.38.4-0ubuntu2.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream pixman
package and not the pixman
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.
Remediation
There is no fixed version for Ubuntu:20.04
pixman
.
References
medium severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9, imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6.q16@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-arch-config@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6-extra@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.
Remediation
There is no fixed version for Ubuntu:20.04
imagemagick
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-25664
- https://bugzilla.redhat.com/show_bug.cgi?id=1891605
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z3J6D7POCQYQKNVRDYLTTPM5SQC3WVTR/
medium severity
- Vulnerable module: wget
- Introduced through: wget@1.20.3-1ubuntu2
Detailed paths
-
Introduced through: buildpack-deps@20.04 › wget@1.20.3-1ubuntu2
NVD Description
Note: Versions mentioned in the description apply only to the upstream wget
package and not the wget
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
Remediation
There is no fixed version for Ubuntu:20.04
wget
.
References
medium severity
- Vulnerable module: gcc-defaults/cpp
- Introduced through: gcc-defaults/cpp@4:9.3.0-1ubuntu2, gcc-defaults/g++@4:9.3.0-1ubuntu2 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › gcc-defaults/cpp@4:9.3.0-1ubuntu2
-
Introduced through: buildpack-deps@20.04 › gcc-defaults/g++@4:9.3.0-1ubuntu2
-
Introduced through: buildpack-deps@20.04 › gcc-defaults/gcc@4:9.3.0-1ubuntu2
NVD Description
Note: Versions mentioned in the description apply only to the upstream gcc-defaults
package and not the gcc-defaults
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."
Remediation
There is no fixed version for Ubuntu:20.04
gcc-defaults
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-13844
- http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
- https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
- https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
- https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
- https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
medium severity
- Vulnerable module: xz-utils
- Introduced through: xz-utils@5.2.4-1ubuntu1.1, xz-utils/liblzma-dev@5.2.4-1ubuntu1.1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › xz-utils@5.2.4-1ubuntu1.1
-
Introduced through: buildpack-deps@20.04 › xz-utils/liblzma-dev@5.2.4-1ubuntu1.1
-
Introduced through: buildpack-deps@20.04 › xz-utils/liblzma5@5.2.4-1ubuntu1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream xz-utils
package and not the xz-utils
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a reasonable size increase.
Remediation
There is no fixed version for Ubuntu:20.04
xz-utils
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-22916
- https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability
- https://tukaani.org/xz/
- https://bugzilla.redhat.com/show_bug.cgi?id=2234987
- https://bugzilla.suse.com/show_bug.cgi?id=1214590
- https://github.com/tukaani-project/xz/issues/61
- https://security-tracker.debian.org/tracker/CVE-2020-22916
- http://web.archive.org/web/20230918084612/https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
- Vulnerable module: python2.7
- Introduced through: python2.7@2.7.18-1~20.04.4, python2.7/libpython2.7-minimal@2.7.18-1~20.04.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › python2.7@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-minimal@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-stdlib@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/python2.7-minimal@2.7.18-1~20.04.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream python2.7
package and not the python2.7
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
Remediation
There is no fixed version for Ubuntu:20.04
python2.7
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-27043
- http://python.com
- https://github.com/python/cpython/issues/102988
- http://python.org
- https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html
- https://security.netapp.com/advisory/ntap-20230601-0003/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/
medium severity
- Vulnerable module: python2.7
- Introduced through: python2.7@2.7.18-1~20.04.4, python2.7/libpython2.7-minimal@2.7.18-1~20.04.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › python2.7@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-minimal@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/libpython2.7-stdlib@2.7.18-1~20.04.4
-
Introduced through: buildpack-deps@20.04 › python2.7/python2.7-minimal@2.7.18-1~20.04.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream python2.7
package and not the python2.7
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.
Remediation
There is no fixed version for Ubuntu:20.04
python2.7
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-4189
- https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e
- https://access.redhat.com/security/cve/CVE-2021-4189
- https://bugzilla.redhat.com/show_bug.cgi?id=2036020
- https://security-tracker.debian.org/tracker/CVE-2021-4189
- https://bugs.python.org/issue43285
- https://python-security.readthedocs.io/vuln/ftplib-pasv.html
- https://security.netapp.com/advisory/ntap-20221104-0004/
- https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html
- https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
medium severity
- Vulnerable module: python3.8
- Introduced through: python3.8@3.8.10-0ubuntu1~20.04.9, python3.8/libpython3.8-minimal@3.8.10-0ubuntu1~20.04.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › python3.8@3.8.10-0ubuntu1~20.04.9
-
Introduced through: buildpack-deps@20.04 › python3.8/libpython3.8-minimal@3.8.10-0ubuntu1~20.04.9
-
Introduced through: buildpack-deps@20.04 › python3.8/libpython3.8-stdlib@3.8.10-0ubuntu1~20.04.9
-
Introduced through: buildpack-deps@20.04 › python3.8/python3.8-minimal@3.8.10-0ubuntu1~20.04.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream python3.8
package and not the python3.8
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
Remediation
There is no fixed version for Ubuntu:20.04
python3.8
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-27043
- http://python.com
- https://github.com/python/cpython/issues/102988
- http://python.org
- https://python-security.readthedocs.io/vuln/email-parseaddr-realname.html
- https://security.netapp.com/advisory/ntap-20230601-0003/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORLXS5YTKN65E2Q2NWKXMFS5FWQHRNZW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PHVGRKQAGANCSGFI3QMYOCIMS4IFOZA5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU6Y2S5CBN5BWCBDAJFTGIBZLK3S2G3J/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SINP4OVYNB2AGDYI2GS37EMW3H3F7XPZ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWMBD4LNHWEXRI6YVFWJMTJQUL5WOFTS/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZXC32CJ7TWDPJO6GY2XIQRO7JZX5FLP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEUNZSZ3CVSM2QWVYH3N2XGOCDWNYUA3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2W2BZQIHMCKRI5FNBJERFYMS5PK6TAH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDC2VOX7OQC6OHMYTVD4HLFZIV6PYBC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQVY5C5REXWJIORJIL2FIL3ALOEJEF72/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SOX7BCN6YL7B3RFPEEXPIU5CMTEHJOKR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6M5I6OQHJABNEYY555HUMMKX3Y4P25Z/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2MAICLFDDO3QVNHTZ2OCERZQ34R2PIC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HXYVPEZUA3465AEFX5JVFVP7KIFZMF3N/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY57BJGNCE5UUPHW/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QDRDDPDN3VFIYXJIYEABY6USX5EU66AG/
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
medium severity
- Vulnerable module: imagemagick
- Introduced through: imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9, imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › imagemagick@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6-common@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/imagemagick-6.q16@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-arch-config@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-6-extra@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickcore-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6-headers@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-6@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-6.q16-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
-
Introduced through: buildpack-deps@20.04 › imagemagick/libmagickwand-dev@8:6.9.10.23+dfsg-2.1ubuntu11.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream imagemagick
package and not the imagemagick
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw.
Remediation
There is no fixed version for Ubuntu:20.04
imagemagick
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-39978
- https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12
- https://github.com/ImageMagick/ImageMagick6/compare/6.9.12-90...6.9.12-91
- https://github.com/rmagick/rmagick/pull/1406/files
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/
medium severity
new
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.31-0ubuntu9.14, glibc/libc-dev-bin@2.31-0ubuntu9.14 and others
- Fixed in: 2.31-0ubuntu9.15
Detailed paths
-
Introduced through: buildpack-deps@20.04 › glibc/libc-bin@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc-dev-bin@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc6@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc6-dev@2.31-0ubuntu9.14
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Remediation
Upgrade Ubuntu:20.04
glibc
to version 2.31-0ubuntu9.15 or higher.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-2961
- https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P3I4KYS6EU6S7QZ47WFNTPVAHFIUQNEL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAMJQI3Y6BHWV3CUTYBXOZONCUJNOB2Z/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BTJFBGHDYG5PEIFD5WSSSKSFZ2AZWC5N/
medium severity
- Vulnerable module: gnutls28/libgnutls30
- Introduced through: gnutls28/libgnutls30@3.6.13-2ubuntu1.10
- Fixed in: 3.6.13-2ubuntu1.11
Detailed paths
-
Introduced through: buildpack-deps@20.04 › gnutls28/libgnutls30@3.6.13-2ubuntu1.10
NVD Description
Note: Versions mentioned in the description apply only to the upstream gnutls28
package and not the gnutls28
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Remediation
Upgrade Ubuntu:20.04
gnutls28
to version 3.6.13-2ubuntu1.11 or higher.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-28834
- https://access.redhat.com/security/cve/CVE-2024-28834
- https://bugzilla.redhat.com/show_bug.cgi?id=2269228
- https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
- https://people.redhat.com/~hkario/marvin/
- https://access.redhat.com/errata/RHSA-2024:1784
- https://minerva.crocs.fi.muni.cz/
- https://access.redhat.com/errata/RHSA-2024:1879
medium severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.17-6ubuntu4.4, krb5/libgssapi-krb5-2@1.17-6ubuntu4.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › krb5/krb5-multidev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssapi-krb5-2@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssrpc4@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libk5crypto3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5clnt-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5srv-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkdb5-9@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-dev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5support0@1.17-6ubuntu4.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
Remediation
There is no fixed version for Ubuntu:20.04
krb5
.
References
medium severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.17-6ubuntu4.4, krb5/libgssapi-krb5-2@1.17-6ubuntu4.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › krb5/krb5-multidev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssapi-krb5-2@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssrpc4@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libk5crypto3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5clnt-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5srv-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkdb5-9@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-dev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5support0@1.17-6ubuntu4.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
Remediation
There is no fixed version for Ubuntu:20.04
krb5
.
References
medium severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.17-6ubuntu4.4, krb5/libgssapi-krb5-2@1.17-6ubuntu4.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › krb5/krb5-multidev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssapi-krb5-2@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssrpc4@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libk5crypto3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5clnt-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5srv-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkdb5-9@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-dev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5support0@1.17-6ubuntu4.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
Remediation
There is no fixed version for Ubuntu:20.04
krb5
.
References
medium severity
- Vulnerable module: libgcrypt20
- Introduced through: libgcrypt20@1.8.5-5ubuntu1.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › libgcrypt20@1.8.5-5ubuntu1.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libgcrypt20
package and not the libgcrypt20
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
Remediation
There is no fixed version for Ubuntu:20.04
libgcrypt20
.
References
medium severity
new
- Vulnerable module: libyaml/libyaml-0-2
- Introduced through: libyaml/libyaml-0-2@0.2.2-1 and libyaml/libyaml-dev@0.2.2-1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › libyaml/libyaml-0-2@0.2.2-1
-
Introduced through: buildpack-deps@20.04 › libyaml/libyaml-dev@0.2.2-1
NVD Description
Note: Versions mentioned in the description apply only to the upstream libyaml
package and not the libyaml
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function yaml_emitter_emit_flow_sequence_item of the file /src/libyaml/src/emitter.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Remediation
There is no fixed version for Ubuntu:20.04
libyaml
.
References
medium severity
new
- Vulnerable module: mysql-8.0/libmysqlclient-dev
- Introduced through: mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1 and mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
Detailed paths
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient-dev@8.0.36-0ubuntu0.20.04.1
-
Introduced through: buildpack-deps@20.04 › mysql-8.0/libmysqlclient21@8.0.36-0ubuntu0.20.04.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream mysql-8.0
package and not the mysql-8.0
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Remediation
There is no fixed version for Ubuntu:20.04
mysql-8.0
.
References
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.31-0ubuntu9.14, glibc/libc-dev-bin@2.31-0ubuntu9.14 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › glibc/libc-bin@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc-dev-bin@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc6@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc6-dev@2.31-0ubuntu9.14
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.
Remediation
There is no fixed version for Ubuntu:20.04
glibc
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-33574
- https://security.netapp.com/advisory/ntap-20210629-0005/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
- https://security.gentoo.org/glsa/202107-07
- https://sourceware.org/bugzilla/show_bug.cgi?id=27896
- https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
- https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
low severity
- Vulnerable module: git
- Introduced through: git@1:2.25.1-1ubuntu3.11 and git/git-man@1:2.25.1-1ubuntu3.11
Detailed paths
-
Introduced through: buildpack-deps@20.04 › git@1:2.25.1-1ubuntu3.11
-
Introduced through: buildpack-deps@20.04 › git/git-man@1:2.25.1-1ubuntu3.11
NVD Description
Note: Versions mentioned in the description apply only to the upstream git
package and not the git
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).
Remediation
There is no fixed version for Ubuntu:20.04
git
.
References
low severity
- Vulnerable module: systemd/libsystemd0
- Introduced through: systemd/libsystemd0@245.4-4ubuntu3.23 and systemd/libudev1@245.4-4ubuntu3.23
Detailed paths
-
Introduced through: buildpack-deps@20.04 › systemd/libsystemd0@245.4-4ubuntu3.23
-
Introduced through: buildpack-deps@20.04 › systemd/libudev1@245.4-4ubuntu3.23
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd
package and not the systemd
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.
Remediation
There is no fixed version for Ubuntu:20.04
systemd
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-26604
- https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/
- https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340
- https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7
- https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html
- https://security.netapp.com/advisory/ntap-20230505-0009/
- http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html
- https://medium.com/%40zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7
- https://www.exploit-db.com/exploits/51674
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.34-6ubuntu1.9, binutils/binutils-common@2.34-6ubuntu1.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › binutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-common@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-x86-64-linux-gnu@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libbinutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf-nobfd0@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf0@2.34-6ubuntu1.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.
Remediation
There is no fixed version for Ubuntu:20.04
binutils
.
References
low severity
- Vulnerable module: glibc/libc-bin
- Introduced through: glibc/libc-bin@2.31-0ubuntu9.14, glibc/libc-dev-bin@2.31-0ubuntu9.14 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › glibc/libc-bin@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc-dev-bin@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc6@2.31-0ubuntu9.14
-
Introduced through: buildpack-deps@20.04 › glibc/libc6-dev@2.31-0ubuntu9.14
NVD Description
Note: Versions mentioned in the description apply only to the upstream glibc
package and not the glibc
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
Remediation
There is no fixed version for Ubuntu:20.04
glibc
.
References
low severity
- Vulnerable module: harfbuzz/libharfbuzz0b
- Introduced through: harfbuzz/libharfbuzz0b@2.6.4-1ubuntu4.2
Detailed paths
-
Introduced through: buildpack-deps@20.04 › harfbuzz/libharfbuzz0b@2.6.4-1ubuntu4.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream harfbuzz
package and not the harfbuzz
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Remediation
There is no fixed version for Ubuntu:20.04
harfbuzz
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-25193
- https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361
- https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh
- https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/
- https://security.netapp.com/advisory/ntap-20230725-0006/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/
low severity
- Vulnerable module: krb5/krb5-multidev
- Introduced through: krb5/krb5-multidev@1.17-6ubuntu4.4, krb5/libgssapi-krb5-2@1.17-6ubuntu4.4 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › krb5/krb5-multidev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssapi-krb5-2@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libgssrpc4@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libk5crypto3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5clnt-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkadm5srv-mit11@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkdb5-9@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-3@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5-dev@1.17-6ubuntu4.4
-
Introduced through: buildpack-deps@20.04 › krb5/libkrb5support0@1.17-6ubuntu4.4
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.
Remediation
There is no fixed version for Ubuntu:20.04
krb5
.
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
- https://security-tracker.debian.org/tracker/CVE-2018-5709
- https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5709
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: patch
- Introduced through: patch@2.7.6-6
Detailed paths
-
Introduced through: buildpack-deps@20.04 › patch@2.7.6-6
NVD Description
Note: Versions mentioned in the description apply only to the upstream patch
package and not the patch
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Remediation
There is no fixed version for Ubuntu:20.04
patch
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6952
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
- https://security-tracker.debian.org/tracker/CVE-2018-6952
- https://security.gentoo.org/glsa/201904-17
- https://savannah.gnu.org/bugs/index.php?53133
- https://access.redhat.com/errata/RHSA-2019:2033
- http://www.securityfocus.com/bid/103047
low severity
- Vulnerable module: pcre3/libpcre16-3
- Introduced through: pcre3/libpcre16-3@2:8.39-12ubuntu0.1, pcre3/libpcre3@2:8.39-12ubuntu0.1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › pcre3/libpcre16-3@2:8.39-12ubuntu0.1
-
Introduced through: buildpack-deps@20.04 › pcre3/libpcre3@2:8.39-12ubuntu0.1
-
Introduced through: buildpack-deps@20.04 › pcre3/libpcre3-dev@2:8.39-12ubuntu0.1
-
Introduced through: buildpack-deps@20.04 › pcre3/libpcre32-3@2:8.39-12ubuntu0.1
-
Introduced through: buildpack-deps@20.04 › pcre3/libpcrecpp0v5@2:8.39-12ubuntu0.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream pcre3
package and not the pcre3
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
Remediation
There is no fixed version for Ubuntu:20.04
pcre3
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11164
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11164
- https://security-tracker.debian.org/tracker/CVE-2017-11164
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://openwall.com/lists/oss-security/2017/07/11/3
- http://www.securityfocus.com/bid/99575
- http://www.openwall.com/lists/oss-security/2023/04/11/1
- http://www.openwall.com/lists/oss-security/2023/04/12/1
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: cairo/libcairo-gobject2
- Introduced through: cairo/libcairo-gobject2@1.16.0-4ubuntu1, cairo/libcairo-script-interpreter2@1.16.0-4ubuntu1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo-gobject2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo-script-interpreter2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo2-dev@1.16.0-4ubuntu1
NVD Description
Note: Versions mentioned in the description apply only to the upstream cairo
package and not the cairo
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).
Remediation
There is no fixed version for Ubuntu:20.04
cairo
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-18064
- https://security-tracker.debian.org/tracker/CVE-2018-18064
- https://gitlab.freedesktop.org/cairo/cairo/issues/341
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: cairo/libcairo-gobject2
- Introduced through: cairo/libcairo-gobject2@1.16.0-4ubuntu1, cairo/libcairo-script-interpreter2@1.16.0-4ubuntu1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo-gobject2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo-script-interpreter2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo2-dev@1.16.0-4ubuntu1
NVD Description
Note: Versions mentioned in the description apply only to the upstream cairo
package and not the cairo
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
Remediation
There is no fixed version for Ubuntu:20.04
cairo
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-6461
- https://security-tracker.debian.org/tracker/CVE-2019-6461
- https://github.com/TeamSeri0us/pocs/tree/master/gerbv
- https://gitlab.freedesktop.org/cairo/cairo/issues/352
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: coreutils
- Introduced through: coreutils@8.30-3ubuntu2
Detailed paths
-
Introduced through: buildpack-deps@20.04 › coreutils@8.30-3ubuntu2
NVD Description
Note: Versions mentioned in the description apply only to the upstream coreutils
package and not the coreutils
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
Remediation
There is no fixed version for Ubuntu:20.04
coreutils
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-2781
- https://security-tracker.debian.org/tracker/CVE-2016-2781
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://www.openwall.com/lists/oss-security/2016/02/28/2
- http://www.openwall.com/lists/oss-security/2016/02/28/3
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: ncurses/libncurses-dev
- Introduced through: ncurses/libncurses-dev@6.2-0ubuntu2.1, ncurses/libncurses5-dev@6.2-0ubuntu2.1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › ncurses/libncurses-dev@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncurses5-dev@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncurses6@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncursesw5-dev@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncursesw6@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libtinfo6@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/ncurses-base@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/ncurses-bin@6.2-0ubuntu2.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ncurses
package and not the ncurses
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry().
Remediation
There is no fixed version for Ubuntu:20.04
ncurses
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-50495
- https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00020.html
- https://lists.gnu.org/archive/html/bug-ncurses/2023-04/msg00029.html
- https://security.netapp.com/advisory/ntap-20240119-0008/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.1.0+git191117-2ubuntu0.20.04.12, tiff/libtiff5@4.1.0+git191117-2ubuntu0.20.04.12 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › tiff/libtiff-dev@4.1.0+git191117-2ubuntu0.20.04.12
-
Introduced through: buildpack-deps@20.04 › tiff/libtiff5@4.1.0+git191117-2ubuntu0.20.04.12
-
Introduced through: buildpack-deps@20.04 › tiff/libtiffxx5@4.1.0+git191117-2ubuntu0.20.04.12
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.
Remediation
There is no fixed version for Ubuntu:20.04
tiff
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-10126
- https://security-tracker.debian.org/tracker/CVE-2018-10126
- http://bugzilla.maptools.org/show_bug.cgi?id=2786
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: configobj/python3-configobj
- Introduced through: configobj/python3-configobj@5.0.6-4
Detailed paths
-
Introduced through: buildpack-deps@20.04 › configobj/python3-configobj@5.0.6-4
NVD Description
Note: Versions mentioned in the description apply only to the upstream configobj
package and not the configobj
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)((.*)).
Note: This is only exploitable in the case of a developer, putting the offending value in a server side configuration file.
Remediation
There is no fixed version for Ubuntu:20.04
configobj
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-26112
- https://github.com/DiffSK/configobj/issues/232
- https://security.snyk.io/vuln/SNYK-PYTHON-CONFIGOBJ-3252494
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZHY7B33EFY4LESP2NI4APQUPRROTAZK/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6BO4RLMYEJODCNUE3DJIIUUFVTPAG6VN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYU4IHVLOTYMFPH7KDOJGKZQR4GKWPFK/
low severity
- Vulnerable module: openssh/openssh-client
- Introduced through: openssh/openssh-client@1:8.2p1-4ubuntu0.11
Detailed paths
-
Introduced through: buildpack-deps@20.04 › openssh/openssh-client@1:8.2p1-4ubuntu0.11
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh
package and not the openssh
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
Remediation
There is no fixed version for Ubuntu:20.04
openssh
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-14145
- https://security.netapp.com/advisory/ntap-20200709-0004/
- https://security.gentoo.org/glsa/202105-35
- https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d
- https://docs.ssh-mitm.at/CVE-2020-14145.html
- https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1
- https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py
- https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
- http://www.openwall.com/lists/oss-security/2020/12/02/1
low severity
- Vulnerable module: systemd/libsystemd0
- Introduced through: systemd/libsystemd0@245.4-4ubuntu3.23 and systemd/libudev1@245.4-4ubuntu3.23
Detailed paths
-
Introduced through: buildpack-deps@20.04 › systemd/libsystemd0@245.4-4ubuntu3.23
-
Introduced through: buildpack-deps@20.04 › systemd/libudev1@245.4-4ubuntu3.23
NVD Description
Note: Versions mentioned in the description apply only to the upstream systemd
package and not the systemd
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
Remediation
There is no fixed version for Ubuntu:20.04
systemd
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-7008
- https://access.redhat.com/security/cve/CVE-2023-7008
- https://bugzilla.redhat.com/show_bug.cgi?id=2222261
- https://bugzilla.redhat.com/show_bug.cgi?id=2222672
- https://github.com/systemd/systemd/issues/25676
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.34-6ubuntu1.9, binutils/binutils-common@2.34-6ubuntu1.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › binutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-common@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-x86-64-linux-gnu@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libbinutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf-nobfd0@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf0@2.34-6ubuntu1.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).
Remediation
There is no fixed version for Ubuntu:20.04
binutils
.
References
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.34-6ubuntu1.9, binutils/binutils-common@2.34-6ubuntu1.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › binutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-common@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-x86-64-linux-gnu@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libbinutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf-nobfd0@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf0@2.34-6ubuntu1.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
Remediation
There is no fixed version for Ubuntu:20.04
binutils
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-48064
- https://sourceware.org/bugzilla/show_bug.cgi?id=29922
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8f2c64de86bc3d7556121fe296dd679000283931
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/
- https://security.netapp.com/advisory/ntap-20231006-0008/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M/
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8f2c64de86bc3d7556121fe296dd679000283931
low severity
- Vulnerable module: binutils
- Introduced through: binutils@2.34-6ubuntu1.9, binutils/binutils-common@2.34-6ubuntu1.9 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › binutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-common@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/binutils-x86-64-linux-gnu@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libbinutils@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf-nobfd0@2.34-6ubuntu1.9
-
Introduced through: buildpack-deps@20.04 › binutils/libctf0@2.34-6ubuntu1.9
NVD Description
Note: Versions mentioned in the description apply only to the upstream binutils
package and not the binutils
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.
Remediation
There is no fixed version for Ubuntu:20.04
binutils
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-1010204
- https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS
- https://security-tracker.debian.org/tracker/CVE-2019-1010204
- https://sourceware.org/bugzilla/show_bug.cgi?id=23765
- https://security.netapp.com/advisory/ntap-20190822-0001/
- https://support.f5.com/csp/article/K05032915?utm_source=f5support&%3Butm_medium=RSS
low severity
- Vulnerable module: cairo/libcairo-gobject2
- Introduced through: cairo/libcairo-gobject2@1.16.0-4ubuntu1, cairo/libcairo-script-interpreter2@1.16.0-4ubuntu1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo-gobject2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo-script-interpreter2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo2@1.16.0-4ubuntu1
-
Introduced through: buildpack-deps@20.04 › cairo/libcairo2-dev@1.16.0-4ubuntu1
NVD Description
Note: Versions mentioned in the description apply only to the upstream cairo
package and not the cairo
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
Remediation
There is no fixed version for Ubuntu:20.04
cairo
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-7475
- https://security-tracker.debian.org/tracker/CVE-2017-7475
- https://bugs.freedesktop.org/show_bug.cgi?id=100763
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- http://seclists.org/oss-sec/2017/q2/151
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: libpng1.6/libpng-dev
- Introduced through: libpng1.6/libpng-dev@1.6.37-2 and libpng1.6/libpng16-16@1.6.37-2
Detailed paths
-
Introduced through: buildpack-deps@20.04 › libpng1.6/libpng-dev@1.6.37-2
-
Introduced through: buildpack-deps@20.04 › libpng1.6/libpng16-16@1.6.37-2
NVD Description
Note: Versions mentioned in the description apply only to the upstream libpng1.6
package and not the libpng1.6
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function.
Remediation
There is no fixed version for Ubuntu:20.04
libpng1.6
.
References
low severity
- Vulnerable module: openexr/libopenexr-dev
- Introduced through: openexr/libopenexr-dev@2.3.0-6ubuntu0.5 and openexr/libopenexr24@2.3.0-6ubuntu0.5
Detailed paths
-
Introduced through: buildpack-deps@20.04 › openexr/libopenexr-dev@2.3.0-6ubuntu0.5
-
Introduced through: buildpack-deps@20.04 › openexr/libopenexr24@2.3.0-6ubuntu0.5
NVD Description
Note: Versions mentioned in the description apply only to the upstream openexr
package and not the openexr
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
Remediation
There is no fixed version for Ubuntu:20.04
openexr
.
References
low severity
- Vulnerable module: openexr/libopenexr-dev
- Introduced through: openexr/libopenexr-dev@2.3.0-6ubuntu0.5 and openexr/libopenexr24@2.3.0-6ubuntu0.5
Detailed paths
-
Introduced through: buildpack-deps@20.04 › openexr/libopenexr-dev@2.3.0-6ubuntu0.5
-
Introduced through: buildpack-deps@20.04 › openexr/libopenexr24@2.3.0-6ubuntu0.5
NVD Description
Note: Versions mentioned in the description apply only to the upstream openexr
package and not the openexr
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
Remediation
There is no fixed version for Ubuntu:20.04
openexr
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-45942
- https://github.com/AcademySoftwareFoundation/openexr/pull/1209
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
- https://github.com/AcademySoftwareFoundation/openexr/commit/11cad77da87c4fa2aab7d58dd5339e254db7937e
- https://github.com/AcademySoftwareFoundation/openexr/commit/db217f29dfb24f6b4b5100c24ac5e7490e1c57d0
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openexr/OSV-2021-1627.yaml
- https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.1.4
- https://github.com/AcademySoftwareFoundation/openexr/blob/v3.1.4/CHANGES.md#version-314-january-26-2022
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HJ5PW4WNXBKCRFGDZGAQOSVH2BKZKL4X/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJUK7WIQV5EKWTCZBRXFN6INHG6MLS5O/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TEZDE2S2DB4BF4LZSSV4W3DNW7DSRHJ/
- https://security.gentoo.org/glsa/202210-31
- https://www.debian.org/security/2022/dsa-5299
- https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6TEZDE2S2DB4BF4LZSSV4W3DNW7DSRHJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJ5PW4WNXBKCRFGDZGAQOSVH2BKZKL4X/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XJUK7WIQV5EKWTCZBRXFN6INHG6MLS5O/
low severity
- Vulnerable module: patch
- Introduced through: patch@2.7.6-6
Detailed paths
-
Introduced through: buildpack-deps@20.04 › patch@2.7.6-6
NVD Description
Note: Versions mentioned in the description apply only to the upstream patch
package and not the patch
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.
Remediation
There is no fixed version for Ubuntu:20.04
patch
.
References
low severity
- Vulnerable module: tiff/libtiff-dev
- Introduced through: tiff/libtiff-dev@4.1.0+git191117-2ubuntu0.20.04.12, tiff/libtiff5@4.1.0+git191117-2ubuntu0.20.04.12 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › tiff/libtiff-dev@4.1.0+git191117-2ubuntu0.20.04.12
-
Introduced through: buildpack-deps@20.04 › tiff/libtiff5@4.1.0+git191117-2ubuntu0.20.04.12
-
Introduced through: buildpack-deps@20.04 › tiff/libtiffxx5@4.1.0+git191117-2ubuntu0.20.04.12
NVD Description
Note: Versions mentioned in the description apply only to the upstream tiff
package and not the tiff
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.
Remediation
There is no fixed version for Ubuntu:20.04
tiff
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-3164
- https://access.redhat.com/security/cve/CVE-2023-4156
- https://bugzilla.redhat.com/show_bug.cgi?id=2215930
- https://access.redhat.com/security/cve/CVE-2023-3164
- https://bugzilla.redhat.com/show_bug.cgi?id=2213531
- https://gitlab.com/libtiff/libtiff/-/issues/542
low severity
- Vulnerable module: openexr/libopenexr-dev
- Introduced through: openexr/libopenexr-dev@2.3.0-6ubuntu0.5 and openexr/libopenexr24@2.3.0-6ubuntu0.5
Detailed paths
-
Introduced through: buildpack-deps@20.04 › openexr/libopenexr-dev@2.3.0-6ubuntu0.5
-
Introduced through: buildpack-deps@20.04 › openexr/libopenexr24@2.3.0-6ubuntu0.5
NVD Description
Note: Versions mentioned in the description apply only to the upstream openexr
package and not the openexr
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
Remediation
There is no fixed version for Ubuntu:20.04
openexr
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-20296
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
- https://bugzilla.redhat.com/show_bug.cgi?id=1939141
- https://lists.debian.org/debian-lts-announce/2021/07/msg00001.html
- https://security.gentoo.org/glsa/202107-27
- https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
low severity
- Vulnerable module: shadow/login
- Introduced through: shadow/login@1:4.8.1-1ubuntu5.20.04.5 and shadow/passwd@1:4.8.1-1ubuntu5.20.04.5
Detailed paths
-
Introduced through: buildpack-deps@20.04 › shadow/login@1:4.8.1-1ubuntu5.20.04.5
-
Introduced through: buildpack-deps@20.04 › shadow/passwd@1:4.8.1-1ubuntu5.20.04.5
NVD Description
Note: Versions mentioned in the description apply only to the upstream shadow
package and not the shadow
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Remediation
There is no fixed version for Ubuntu:20.04
shadow
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2013-4235
- https://security-tracker.debian.org/tracker/CVE-2013-4235
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
- https://access.redhat.com/security/cve/cve-2013-4235
- https://security.gentoo.org/glsa/202210-26
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
low severity
- Vulnerable module: gnupg2/dirmngr
- Introduced through: gnupg2/dirmngr@2.2.19-3ubuntu2.2, gnupg2/gnupg@2.2.19-3ubuntu2.2 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › gnupg2/dirmngr@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gnupg@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gnupg-l10n@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gnupg-utils@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpg@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpg-agent@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpg-wks-client@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpg-wks-server@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpgconf@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpgsm@2.2.19-3ubuntu2.2
-
Introduced through: buildpack-deps@20.04 › gnupg2/gpgv@2.2.19-3ubuntu2.2
NVD Description
Note: Versions mentioned in the description apply only to the upstream gnupg2
package and not the gnupg2
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.
Remediation
There is no fixed version for Ubuntu:20.04
gnupg2
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2022-3219
- https://access.redhat.com/security/cve/CVE-2022-3219
- https://bugzilla.redhat.com/show_bug.cgi?id=2127010
- https://dev.gnupg.org/D556
- https://dev.gnupg.org/T5993
- https://marc.info/?l=oss-security&m=165696590211434&w=4
- https://security.netapp.com/advisory/ntap-20230324-0001/
low severity
- Vulnerable module: shadow/login
- Introduced through: shadow/login@1:4.8.1-1ubuntu5.20.04.5 and shadow/passwd@1:4.8.1-1ubuntu5.20.04.5
Detailed paths
-
Introduced through: buildpack-deps@20.04 › shadow/login@1:4.8.1-1ubuntu5.20.04.5
-
Introduced through: buildpack-deps@20.04 › shadow/passwd@1:4.8.1-1ubuntu5.20.04.5
NVD Description
Note: Versions mentioned in the description apply only to the upstream shadow
package and not the shadow
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
Remediation
There is no fixed version for Ubuntu:20.04
shadow
.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2023-29383
- https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d
- https://github.com/shadow-maint/shadow/pull/687
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797
low severity
- Vulnerable module: ncurses/libncurses-dev
- Introduced through: ncurses/libncurses-dev@6.2-0ubuntu2.1, ncurses/libncurses5-dev@6.2-0ubuntu2.1 and others
Detailed paths
-
Introduced through: buildpack-deps@20.04 › ncurses/libncurses-dev@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncurses5-dev@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncurses6@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncursesw5-dev@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libncursesw6@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/libtinfo6@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/ncurses-base@6.2-0ubuntu2.1
-
Introduced through: buildpack-deps@20.04 › ncurses/ncurses-bin@6.2-0ubuntu2.1
NVD Description
Note: Versions mentioned in the description apply only to the upstream ncurses
package and not the ncurses
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:20.04
relevant fixed versions and status.
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.
Remediation
There is no fixed version for Ubuntu:20.04
ncurses
.