Vulnerabilities

915 via 2140 paths

Dependencies

301

Source

Group 6 Copy Created with Sketch. Docker

Target OS

ubuntu:14.04
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 10
  • 418
  • 487
Status
  • 915
  • 0
  • 0

high severity

Exposure of Resource to Wrong Sphere

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

high severity

Improper Encoding or Escaping of Output

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

high severity

SQL Injection

  • Vulnerable module: cyrus-sasl2/libsasl2-2
  • Introduced through: cyrus-sasl2/libsasl2-2@2.1.25.dfsg1-17build1 and cyrus-sasl2/libsasl2-modules-db@2.1.25.dfsg1-17build1
  • Fixed in: 2.1.25.dfsg1-17ubuntu0.1~esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty cyrus-sasl2/libsasl2-2@2.1.25.dfsg1-17build1
  • Introduced through: openresty/openresty@1.11.2.4-trusty cyrus-sasl2/libsasl2-modules-db@2.1.25.dfsg1-17build1

NVD Description

Note: Versions mentioned in the description apply only to the upstream cyrus-sasl2 package and not the cyrus-sasl2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.

Remediation

Upgrade Ubuntu:14.04 cyrus-sasl2 to version 2.1.25.dfsg1-17ubuntu0.1~esm2 or higher.

References

high severity

CVE-2019-3462

  • Vulnerable module: apt
  • Introduced through: apt@1.0.1ubuntu2.17, apt/apt-utils@1.0.1ubuntu2.17 and others
  • Fixed in: 1.0.1ubuntu2.19

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty apt@1.0.1ubuntu2.17
  • Introduced through: openresty/openresty@1.11.2.4-trusty apt/apt-utils@1.0.1ubuntu2.17
  • Introduced through: openresty/openresty@1.11.2.4-trusty apt/libapt-inst1.5@1.0.1ubuntu2.17
  • Introduced through: openresty/openresty@1.11.2.4-trusty apt/libapt-pkg4.12@1.0.1ubuntu2.17

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.

Remediation

Upgrade Ubuntu:14.04 apt to version 1.0.1ubuntu2.19 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: eglibc/libc-bin
  • Introduced through: eglibc/libc-bin@2.19-0ubuntu6.13, eglibc/libc-dev-bin@2.19-0ubuntu6.13 and others
  • Fixed in: 2.19-0ubuntu6.14

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-dev-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6-dev@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/multiarch-support@2.19-0ubuntu6.13

NVD Description

Note: Versions mentioned in the description apply only to the upstream eglibc package and not the eglibc package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.

Remediation

Upgrade Ubuntu:14.04 eglibc to version 2.19-0ubuntu6.14 or higher.

References

high severity

Off-by-one Error

  • Vulnerable module: sudo
  • Introduced through: sudo@1.8.9p5-1ubuntu1.4
  • Fixed in: 1.8.9p5-1ubuntu1.5+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sudo@1.8.9p5-1ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream sudo package and not the sudo package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

Remediation

Upgrade Ubuntu:14.04 sudo to version 1.8.9p5-1ubuntu1.5+esm6 or higher.

References

high severity

Loop with Unreachable Exit Condition ('Infinite Loop')

  • Vulnerable module: openssl
  • Introduced through: openssl@1.0.1f-1ubuntu2.22 and openssl/libssl1.0.0@1.0.1f-1ubuntu2.22
  • Fixed in: 1.0.1f-1ubuntu2.27+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty openssl@1.0.1f-1ubuntu2.22
  • Introduced through: openresty/openresty@1.11.2.4-trusty openssl/libssl1.0.0@1.0.1f-1ubuntu2.22

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).

Remediation

Upgrade Ubuntu:14.04 openssl to version 1.0.1f-1ubuntu2.27+esm5 or higher.

References

high severity

Access of Resource Using Incompatible Type ('Type Confusion')

  • Vulnerable module: openssl
  • Introduced through: openssl@1.0.1f-1ubuntu2.22 and openssl/libssl1.0.0@1.0.1f-1ubuntu2.22
  • Fixed in: 1.0.1f-1ubuntu2.27+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty openssl@1.0.1f-1ubuntu2.22
  • Introduced through: openresty/openresty@1.11.2.4-trusty openssl/libssl1.0.0@1.0.1f-1ubuntu2.22

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING.

When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

Remediation

Upgrade Ubuntu:14.04 openssl to version 1.0.1f-1ubuntu2.27+esm6 or higher.

References

high severity

Out-of-bounds Write

  • Vulnerable module: freetype/libfreetype6
  • Introduced through: freetype/libfreetype6@2.5.2-1ubuntu2.8 and freetype/libfreetype6-dev@2.5.2-1ubuntu2.8
  • Fixed in: 2.5.2-1ubuntu2.8+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty freetype/libfreetype6@2.5.2-1ubuntu2.8
  • Introduced through: openresty/openresty@1.11.2.4-trusty freetype/libfreetype6-dev@2.5.2-1ubuntu2.8

NVD Description

Note: Versions mentioned in the description apply only to the upstream freetype package and not the freetype package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Remediation

Upgrade Ubuntu:14.04 freetype to version 2.5.2-1ubuntu2.8+esm2 or higher.

References

high severity

NULL Pointer Dereference

  • Vulnerable module: openssl
  • Introduced through: openssl@1.0.1f-1ubuntu2.22 and openssl/libssl1.0.0@1.0.1f-1ubuntu2.22
  • Fixed in: 1.0.1f-1ubuntu2.27+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty openssl@1.0.1f-1ubuntu2.22
  • Introduced through: openresty/openresty@1.11.2.4-trusty openssl/libssl1.0.0@1.0.1f-1ubuntu2.22

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).

Remediation

Upgrade Ubuntu:14.04 openssl to version 1.0.1f-1ubuntu2.27+esm2 or higher.

References

medium severity

Buffer Overflow

  • Vulnerable module: busybox/busybox-initramfs
  • Introduced through: busybox/busybox-initramfs@1:1.21.0-1ubuntu1
  • Fixed in: 1:1.21.0-1ubuntu1.4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty busybox/busybox-initramfs@1:1.21.0-1ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream busybox package and not the busybox package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.

Remediation

Upgrade Ubuntu:14.04 busybox to version 1:1.21.0-1ubuntu1.4 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: bzip2
  • Introduced through: bzip2@1.0.6-5 and bzip2/libbz2-1.0@1.0.6-5
  • Fixed in: 1.0.6-5ubuntu0.1~esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty bzip2@1.0.6-5
  • Introduced through: openresty/openresty@1.11.2.4-trusty bzip2/libbz2-1.0@1.0.6-5

NVD Description

Note: Versions mentioned in the description apply only to the upstream bzip2 package and not the bzip2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Remediation

Upgrade Ubuntu:14.04 bzip2 to version 1.0.6-5ubuntu0.1~esm2 or higher.

References

medium severity

Buffer Overflow

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.20+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.20+esm3 or higher.

References

medium severity

CVE-2018-1000007

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.14

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom Authorization: headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.14 or higher.

References

medium severity

Exposure of Resource to Wrong Sphere

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.20+esm13

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the CURLOPT_POSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the subsequent POST request. The problem exists in the logic for a reused handle when it is changed from a PUT to a POST.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.20+esm13 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.17

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.17 or higher.

References

medium severity

Out-of-Bounds

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.19

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.19 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.13

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.13 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.15

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.15 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: db5.3/libdb5.3
  • Introduced through: db5.3/libdb5.3@5.3.28-3ubuntu3
  • Fixed in: 5.3.28-3ubuntu3.1+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty db5.3/libdb5.3@5.3.28-3ubuntu3

NVD Description

Note: Versions mentioned in the description apply only to the upstream db5.3 package and not the db5.3 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

Remediation

Upgrade Ubuntu:14.04 db5.3 to version 5.3.28-3ubuntu3.1+esm1 or higher.

References

medium severity

Directory Traversal

  • Vulnerable module: dpkg
  • Introduced through: dpkg@1.17.5ubuntu5.7, dpkg/dpkg-dev@1.17.5ubuntu5.7 and others

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty dpkg@1.17.5ubuntu5.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty dpkg/dpkg-dev@1.17.5ubuntu5.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty dpkg/libdpkg-perl@1.17.5ubuntu5.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream dpkg package and not the dpkg package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.

Remediation

There is no fixed version for Ubuntu:14.04 dpkg.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: eglibc/libc-bin
  • Introduced through: eglibc/libc-bin@2.19-0ubuntu6.13, eglibc/libc-dev-bin@2.19-0ubuntu6.13 and others
  • Fixed in: 2.19-0ubuntu6.15+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-dev-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6-dev@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/multiarch-support@2.19-0ubuntu6.13

NVD Description

Note: Versions mentioned in the description apply only to the upstream eglibc package and not the eglibc package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

Remediation

Upgrade Ubuntu:14.04 eglibc to version 2.19-0ubuntu6.15+esm1 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: eglibc/libc-bin
  • Introduced through: eglibc/libc-bin@2.19-0ubuntu6.13, eglibc/libc-dev-bin@2.19-0ubuntu6.13 and others
  • Fixed in: 2.19-0ubuntu6.15+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-dev-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6-dev@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/multiarch-support@2.19-0ubuntu6.13

NVD Description

Note: Versions mentioned in the description apply only to the upstream eglibc package and not the eglibc package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

Remediation

Upgrade Ubuntu:14.04 eglibc to version 2.19-0ubuntu6.15+esm3 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm6 or higher.

References

medium severity

NULL Pointer Dereference

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.40.2-0ubuntu1
  • Fixed in: 2.40.2-0ubuntu1.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty glib2.0/libglib2.0-0@2.40.2-0ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream glib2.0 package and not the glib2.0 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

Remediation

Upgrade Ubuntu:14.04 glib2.0 to version 2.40.2-0ubuntu1.1 or higher.

References

medium severity

Race Condition

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.40.2-0ubuntu1
  • Fixed in: 2.40.2-0ubuntu1.1+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty glib2.0/libglib2.0-0@2.40.2-0ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream glib2.0 package and not the glib2.0 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.

Remediation

Upgrade Ubuntu:14.04 glib2.0 to version 2.40.2-0ubuntu1.1+esm1 or higher.

References

medium severity

CVE-2022-44640

  • Vulnerable module: heimdal/libasn1-8-heimdal
  • Introduced through: heimdal/libasn1-8-heimdal@1.6~git20131207+dfsg-1ubuntu1.2, heimdal/libgssapi3-heimdal@1.6~git20131207+dfsg-1ubuntu1.2 and others
  • Fixed in: 1.6~git20131207+dfsg-1ubuntu1.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libasn1-8-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libgssapi3-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libhcrypto4-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libheimbase1-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libheimntlm0-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libhx509-5-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libkrb5-26-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libroken18-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libwind0-heimdal@1.6~git20131207+dfsg-1ubuntu1.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream heimdal package and not the heimdal package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).

Remediation

Upgrade Ubuntu:14.04 heimdal to version 1.6~git20131207+dfsg-1ubuntu1.2+esm3 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: klibc/klibc-utils
  • Introduced through: klibc/klibc-utils@2.0.3-0ubuntu1.14.04.3 and klibc/libklibc@2.0.3-0ubuntu1.14.04.3
  • Fixed in: 2.0.3-0ubuntu1.14.04.3+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty klibc/klibc-utils@2.0.3-0ubuntu1.14.04.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty klibc/libklibc@2.0.3-0ubuntu1.14.04.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream klibc package and not the klibc package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Remediation

Upgrade Ubuntu:14.04 klibc to version 2.0.3-0ubuntu1.14.04.3+esm3 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: libidn/libidn11
  • Introduced through: libidn/libidn11@1.28-1ubuntu2.1
  • Fixed in: 1.28-1ubuntu2.2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libidn/libidn11@1.28-1ubuntu2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libidn package and not the libidn package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

Remediation

Upgrade Ubuntu:14.04 libidn to version 1.28-1ubuntu2.2 or higher.

References

medium severity

Buffer Overflow

  • Vulnerable module: libx11/libx11-6
  • Introduced through: libx11/libx11-6@2:1.6.2-1ubuntu2, libx11/libx11-data@2:1.6.2-1ubuntu2 and others
  • Fixed in: 2:1.6.2-1ubuntu2.1+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-6@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-data@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-dev@2:1.6.2-1ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session.

Remediation

Upgrade Ubuntu:14.04 libx11 to version 2:1.6.2-1ubuntu2.1+esm2 or higher.

References

medium severity

Off-by-one Error

  • Vulnerable module: libx11/libx11-6
  • Introduced through: libx11/libx11-6@2:1.6.2-1ubuntu2, libx11/libx11-data@2:1.6.2-1ubuntu2 and others
  • Fixed in: 2:1.6.2-1ubuntu2.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-6@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-data@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-dev@2:1.6.2-1ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.

Remediation

Upgrade Ubuntu:14.04 libx11 to version 2:1.6.2-1ubuntu2.1 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: libx11/libx11-6
  • Introduced through: libx11/libx11-6@2:1.6.2-1ubuntu2, libx11/libx11-data@2:1.6.2-1ubuntu2 and others
  • Fixed in: 2:1.6.2-1ubuntu2.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-6@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-data@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-dev@2:1.6.2-1ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.

Remediation

Upgrade Ubuntu:14.04 libx11 to version 2:1.6.2-1ubuntu2.1 or higher.

References

medium severity

Out-of-Bounds

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.10 or higher.

References

medium severity

XML External Entity (XXE) Injection

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.10 or higher.

References

medium severity

CVE-2019-11068

  • Vulnerable module: libxslt/libxslt1-dev
  • Introduced through: libxslt/libxslt1-dev@1.1.28-2ubuntu0.1 and libxslt/libxslt1.1@1.1.28-2ubuntu0.1
  • Fixed in: 1.1.28-2ubuntu0.2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxslt/libxslt1-dev@1.1.28-2ubuntu0.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxslt/libxslt1.1@1.1.28-2ubuntu0.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxslt package and not the libxslt package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

Remediation

Upgrade Ubuntu:14.04 libxslt to version 1.1.28-2ubuntu0.2 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: ntp/ntpdate
  • Introduced through: ntp/ntpdate@1:4.2.6.p5+dfsg-3ubuntu2.14.04.11
  • Fixed in: 1:4.2.6.p5+dfsg-3ubuntu2.14.04.13

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty ntp/ntpdate@1:4.2.6.p5+dfsg-3ubuntu2.14.04.11

NVD Description

Note: Versions mentioned in the description apply only to the upstream ntp package and not the ntp package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

Remediation

Upgrade Ubuntu:14.04 ntp to version 1:4.2.6.p5+dfsg-3ubuntu2.14.04.13 or higher.

References

medium severity

SQL Injection

  • Vulnerable module: openldap/libldap-2.4-2
  • Introduced through: openldap/libldap-2.4-2@2.4.31-1+nmu2ubuntu8.4
  • Fixed in: 2.4.31-1+nmu2ubuntu8.5+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty openldap/libldap-2.4-2@2.4.31-1+nmu2ubuntu8.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping.

Remediation

Upgrade Ubuntu:14.04 openldap to version 2.4.31-1+nmu2ubuntu8.5+esm5 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: perl
  • Introduced through: perl@5.18.2-2ubuntu1.1, perl/libperl-dev@5.18.2-2ubuntu1.1 and others
  • Fixed in: 5.18.2-2ubuntu1.7

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty perl@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl-dev@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl5.18@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-base@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-modules@5.18.2-2ubuntu1.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Remediation

Upgrade Ubuntu:14.04 perl to version 5.18.2-2ubuntu1.7 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: perl
  • Introduced through: perl@5.18.2-2ubuntu1.1, perl/libperl-dev@5.18.2-2ubuntu1.1 and others
  • Fixed in: 5.18.2-2ubuntu1.4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty perl@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl-dev@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl5.18@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-base@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-modules@5.18.2-2ubuntu1.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

Remediation

Upgrade Ubuntu:14.04 perl to version 5.18.2-2ubuntu1.4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: procps
  • Introduced through: procps@1:3.3.9-1ubuntu2.2 and procps/libprocps3@1:3.3.9-1ubuntu2.2
  • Fixed in: 1:3.3.9-1ubuntu2.3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty procps@1:3.3.9-1ubuntu2.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty procps/libprocps3@1:3.3.9-1ubuntu2.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.

Remediation

Upgrade Ubuntu:14.04 procps to version 1:3.3.9-1ubuntu2.3 or higher.

References

medium severity

Arbitrary Command Injection

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others
  • Fixed in: 3.4.3-1ubuntu1~14.04.7

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.

Remediation

Upgrade Ubuntu:14.04 python3.4 to version 3.4.3-1ubuntu1~14.04.7 or higher.

References

medium severity

Buffer Overflow

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others
  • Fixed in: 3.4.3-1ubuntu1~14.04.7+esm10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

Remediation

Upgrade Ubuntu:14.04 python3.4 to version 3.4.3-1ubuntu1~14.04.7+esm10 or higher.

References

medium severity

Credentials Management

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others
  • Fixed in: 3.4.3-1ubuntu1~14.04.7+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.

Remediation

Upgrade Ubuntu:14.04 python3.4 to version 3.4.3-1ubuntu1~14.04.7+esm2 or higher.

References

medium severity

CVE-2019-9636

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others
  • Fixed in: 3.4.3-1ubuntu1~14.04.7+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.

Remediation

Upgrade Ubuntu:14.04 python3.4 to version 3.4.3-1ubuntu1~14.04.7+esm2 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others
  • Fixed in: 3.4.3-1ubuntu1~14.04.6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)

Remediation

Upgrade Ubuntu:14.04 python3.4 to version 3.4.3-1ubuntu1~14.04.6 or higher.

References

medium severity

XML External Entity (XXE) Injection

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.

Remediation

There is no fixed version for Ubuntu:14.04 python3.4.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1
  • Fixed in: 3.8.2-1ubuntu2.2+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.

Remediation

Upgrade Ubuntu:14.04 sqlite3 to version 3.8.2-1ubuntu2.2+esm1 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in vim/vim prior to 8.2.

Remediation

There is no fixed version for Ubuntu:14.04 vim.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: zlib/zlib1g
  • Introduced through: zlib/zlib1g@1:1.2.8.dfsg-1ubuntu1 and zlib/zlib1g-dev@1:1.2.8.dfsg-1ubuntu1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty zlib/zlib1g@1:1.2.8.dfsg-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty zlib/zlib1g-dev@1:1.2.8.dfsg-1ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.

Remediation

There is no fixed version for Ubuntu:14.04 zlib.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: zlib/zlib1g
  • Introduced through: zlib/zlib1g@1:1.2.8.dfsg-1ubuntu1 and zlib/zlib1g-dev@1:1.2.8.dfsg-1ubuntu1
  • Fixed in: 1:1.2.8.dfsg-1ubuntu1.1+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty zlib/zlib1g@1:1.2.8.dfsg-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty zlib/zlib1g-dev@1:1.2.8.dfsg-1ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream zlib package and not the zlib package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

Remediation

Upgrade Ubuntu:14.04 zlib to version 1:1.2.8.dfsg-1ubuntu1.1+esm2 or higher.

References

medium severity

Out-of-Bounds

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.12

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.12 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.16

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.16 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.19

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.19 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.15

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.15 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: libbsd/libbsd0
  • Introduced through: libbsd/libbsd0@0.6.0-2ubuntu1
  • Fixed in: 0.6.0-2ubuntu1+esm1

medium severity

Out-of-Bounds

  • Vulnerable module: perl
  • Introduced through: perl@5.18.2-2ubuntu1.1, perl/libperl-dev@5.18.2-2ubuntu1.1 and others
  • Fixed in: 5.18.2-2ubuntu1.3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty perl@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl-dev@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl5.18@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-base@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-modules@5.18.2-2ubuntu1.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape.

Remediation

Upgrade Ubuntu:14.04 perl to version 5.18.2-2ubuntu1.3 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: perl
  • Introduced through: perl@5.18.2-2ubuntu1.1, perl/libperl-dev@5.18.2-2ubuntu1.1 and others
  • Fixed in: 5.18.2-2ubuntu1.7

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty perl@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl-dev@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl5.18@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-base@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-modules@5.18.2-2ubuntu1.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

Remediation

Upgrade Ubuntu:14.04 perl to version 5.18.2-2ubuntu1.7 or higher.

References

medium severity

Directory Traversal

  • Vulnerable module: python3.4
  • Introduced through: python3.4@3.4.3-1ubuntu1~14.04.5, python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5 and others
  • Fixed in: 3.4.3-1ubuntu1~14.04.7+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-minimal@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/libpython3.4-stdlib@3.4.3-1ubuntu1~14.04.5
  • Introduced through: openresty/openresty@1.11.2.4-trusty python3.4/python3.4-minimal@3.4.3-1ubuntu1~14.04.5

NVD Description

Note: Versions mentioned in the description apply only to the upstream python3.4 package and not the python3.4 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.

Remediation

Upgrade Ubuntu:14.04 python3.4 to version 3.4.3-1ubuntu1~14.04.7+esm2 or higher.

References

medium severity

CVE-2020-19726

  • Vulnerable module: binutils
  • Introduced through: binutils@2.24-5ubuntu14.2
  • Fixed in: 2.24-5ubuntu14.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty binutils@2.24-5ubuntu14.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.

Remediation

Upgrade Ubuntu:14.04 binutils to version 2.24-5ubuntu14.2+esm3 or higher.

References

medium severity

Arbitrary Code Injection

  • Vulnerable module: busybox/busybox-initramfs
  • Introduced through: busybox/busybox-initramfs@1:1.21.0-1ubuntu1
  • Fixed in: 1:1.21.0-1ubuntu1.4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty busybox/busybox-initramfs@1:1.21.0-1ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream busybox package and not the busybox package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

Remediation

Upgrade Ubuntu:14.04 busybox to version 1:1.21.0-1ubuntu1.4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: gzip
  • Introduced through: gzip@1.6-3ubuntu1
  • Fixed in: 1.6-3ubuntu1+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty gzip@1.6-3ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream gzip package and not the gzip package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Remediation

Upgrade Ubuntu:14.04 gzip to version 1.6-3ubuntu1+esm1 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: heimdal/libasn1-8-heimdal
  • Introduced through: heimdal/libasn1-8-heimdal@1.6~git20131207+dfsg-1ubuntu1.2, heimdal/libgssapi3-heimdal@1.6~git20131207+dfsg-1ubuntu1.2 and others
  • Fixed in: 1.6~git20131207+dfsg-1ubuntu1.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libasn1-8-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libgssapi3-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libhcrypto4-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libheimbase1-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libheimntlm0-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libhx509-5-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libkrb5-26-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libroken18-heimdal@1.6~git20131207+dfsg-1ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty heimdal/libwind0-heimdal@1.6~git20131207+dfsg-1ubuntu1.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream heimdal package and not the heimdal package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."

Remediation

Upgrade Ubuntu:14.04 heimdal to version 1.6~git20131207+dfsg-1ubuntu1.2+esm3 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: krb5/libgssapi-krb5-2
  • Introduced through: krb5/libgssapi-krb5-2@1.12+dfsg-2ubuntu5.3, krb5/libk5crypto3@1.12+dfsg-2ubuntu5.3 and others
  • Fixed in: 1.12+dfsg-2ubuntu5.4+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty krb5/libgssapi-krb5-2@1.12+dfsg-2ubuntu5.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty krb5/libk5crypto3@1.12+dfsg-2ubuntu5.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty krb5/libkrb5-3@1.12+dfsg-2ubuntu5.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty krb5/libkrb5support0@1.12+dfsg-2ubuntu5.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."

Remediation

Upgrade Ubuntu:14.04 krb5 to version 1.12+dfsg-2ubuntu5.4+esm3 or higher.

References

medium severity

Double Free

  • Vulnerable module: libgd2/libgd-dev
  • Introduced through: libgd2/libgd-dev@2.1.0-3ubuntu0.6 and libgd2/libgd3@2.1.0-3ubuntu0.6
  • Fixed in: 2.1.0-3ubuntu0.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libgd2/libgd-dev@2.1.0-3ubuntu0.6
  • Introduced through: openresty/openresty@1.11.2.4-trusty libgd2/libgd3@2.1.0-3ubuntu0.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgd2 package and not the libgd2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5.

Remediation

Upgrade Ubuntu:14.04 libgd2 to version 2.1.0-3ubuntu0.10 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: libgd2/libgd-dev
  • Introduced through: libgd2/libgd-dev@2.1.0-3ubuntu0.6 and libgd2/libgd3@2.1.0-3ubuntu0.6
  • Fixed in: 2.1.0-3ubuntu0.11

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libgd2/libgd-dev@2.1.0-3ubuntu0.6
  • Introduced through: openresty/openresty@1.11.2.4-trusty libgd2/libgd3@2.1.0-3ubuntu0.6

NVD Description

Note: Versions mentioned in the description apply only to the upstream libgd2 package and not the libgd2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.

Remediation

Upgrade Ubuntu:14.04 libgd2 to version 2.1.0-3ubuntu0.11 or higher.

References

medium severity

Use After Free

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.13+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.13+esm2 or higher.

References

medium severity

Use After Free

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.12

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.12 or higher.

References

medium severity

Untrusted Search Path

  • Vulnerable module: libxpm/libxpm-dev
  • Introduced through: libxpm/libxpm-dev@1:3.5.10-1ubuntu0.1 and libxpm/libxpm4@1:3.5.10-1ubuntu0.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxpm/libxpm-dev@1:3.5.10-1ubuntu0.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxpm/libxpm4@1:3.5.10-1ubuntu0.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxpm package and not the libxpm package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

Remediation

There is no fixed version for Ubuntu:14.04 libxpm.

References

medium severity

Use After Free

  • Vulnerable module: libxslt/libxslt1-dev
  • Introduced through: libxslt/libxslt1-dev@1.1.28-2ubuntu0.1 and libxslt/libxslt1.1@1.1.28-2ubuntu0.1
  • Fixed in: 1.1.28-2ubuntu0.2+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxslt/libxslt1-dev@1.1.28-2ubuntu0.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxslt/libxslt1.1@1.1.28-2ubuntu0.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxslt package and not the libxslt package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Remediation

Upgrade Ubuntu:14.04 libxslt to version 1.1.28-2ubuntu0.2+esm2 or higher.

References

medium severity

Arbitrary Code Injection

  • Vulnerable module: sensible-utils
  • Introduced through: sensible-utils@0.0.9
  • Fixed in: 0.0.9ubuntu0.14.04.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sensible-utils@0.0.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream sensible-utils package and not the sensible-utils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.

Remediation

Upgrade Ubuntu:14.04 sensible-utils to version 0.0.9ubuntu0.14.04.1 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1
  • Fixed in: 3.8.2-1ubuntu2.2+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Remediation

Upgrade Ubuntu:14.04 sqlite3 to version 3.8.2-1ubuntu2.2+esm2 or higher.

References

medium severity

Improper Handling of Exceptional Conditions

  • Vulnerable module: sudo
  • Introduced through: sudo@1.8.9p5-1ubuntu1.4
  • Fixed in: 1.8.9p5-1ubuntu1.5+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sudo@1.8.9p5-1ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream sudo package and not the sudo package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u #$((0xffffffff))" command.

Remediation

Upgrade Ubuntu:14.04 sudo to version 1.8.9p5-1ubuntu1.5+esm2 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.10 or higher.

References

medium severity

Numeric Errors

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.11+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.11+esm6 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.9 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.9 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.10 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.9 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.10 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.11+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.11+esm6 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: xz-utils
  • Introduced through: xz-utils@5.1.1alpha+20120614-2ubuntu2, xz-utils/liblzma-dev@5.1.1alpha+20120614-2ubuntu2 and others
  • Fixed in: 5.1.1alpha+20120614-2ubuntu2.14.04.1+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty xz-utils@5.1.1alpha+20120614-2ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty xz-utils/liblzma-dev@5.1.1alpha+20120614-2ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty xz-utils/liblzma5@5.1.1alpha+20120614-2ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream xz-utils package and not the xz-utils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Remediation

Upgrade Ubuntu:14.04 xz-utils to version 5.1.1alpha+20120614-2ubuntu2.14.04.1+esm1 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.13+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.13+esm2 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: sudo
  • Introduced through: sudo@1.8.9p5-1ubuntu1.4
  • Fixed in: 1.8.9p5-1ubuntu1.5+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sudo@1.8.9p5-1ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream sudo package and not the sudo package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.

Remediation

Upgrade Ubuntu:14.04 sudo to version 1.8.9p5-1ubuntu1.5+esm1 or higher.

References

medium severity

Use After Free

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm7

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm7 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: libjpeg-turbo/libjpeg-turbo8
  • Introduced through: libjpeg-turbo/libjpeg-turbo8@1.3.0-0ubuntu2 and libjpeg-turbo/libjpeg-turbo8-dev@1.3.0-0ubuntu2
  • Fixed in: 1.3.0-0ubuntu2.1+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libjpeg-turbo/libjpeg-turbo8@1.3.0-0ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libjpeg-turbo/libjpeg-turbo8-dev@1.3.0-0ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libjpeg-turbo package and not the libjpeg-turbo package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

Remediation

Upgrade Ubuntu:14.04 libjpeg-turbo to version 1.3.0-0ubuntu2.1+esm1 or higher.

References

medium severity

Improper Certificate Validation

  • Vulnerable module: perl
  • Introduced through: perl@5.18.2-2ubuntu1.1, perl/libperl-dev@5.18.2-2ubuntu1.1 and others
  • Fixed in: 5.18.2-2ubuntu1.7+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty perl@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl-dev@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl5.18@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-base@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-modules@5.18.2-2ubuntu1.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

Remediation

Upgrade Ubuntu:14.04 perl to version 5.18.2-2ubuntu1.7+esm5 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1
  • Fixed in: 3.8.2-1ubuntu2.2+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.

Remediation

Upgrade Ubuntu:14.04 sqlite3 to version 3.8.2-1ubuntu2.2+esm1 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: sqlite3/libsqlite3-0
  • Introduced through: sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1
  • Fixed in: 3.8.2-1ubuntu2.2+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sqlite3/libsqlite3-0@3.8.2-1ubuntu2.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

Remediation

Upgrade Ubuntu:14.04 sqlite3 to version 3.8.2-1ubuntu2.2+esm1 or higher.

References

medium severity

CVE-2022-47695

  • Vulnerable module: binutils
  • Introduced through: binutils@2.24-5ubuntu14.2
  • Fixed in: 2.24-5ubuntu14.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty binutils@2.24-5ubuntu14.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.

Remediation

Upgrade Ubuntu:14.04 binutils to version 2.24-5ubuntu14.2+esm3 or higher.

References

medium severity

CVE-2022-47696

  • Vulnerable module: binutils
  • Introduced through: binutils@2.24-5ubuntu14.2
  • Fixed in: 2.24-5ubuntu14.2+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty binutils@2.24-5ubuntu14.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.

Remediation

Upgrade Ubuntu:14.04 binutils to version 2.24-5ubuntu14.2+esm1 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: binutils
  • Introduced through: binutils@2.24-5ubuntu14.2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty binutils@2.24-5ubuntu14.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.

Remediation

There is no fixed version for Ubuntu:14.04 binutils.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.24-5ubuntu14.2
  • Fixed in: 2.24-5ubuntu14.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty binutils@2.24-5ubuntu14.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.

Remediation

Upgrade Ubuntu:14.04 binutils to version 2.24-5ubuntu14.2+esm3 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: binutils
  • Introduced through: binutils@2.24-5ubuntu14.2
  • Fixed in: 2.24-5ubuntu14.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty binutils@2.24-5ubuntu14.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.

Remediation

Upgrade Ubuntu:14.04 binutils to version 2.24-5ubuntu14.2+esm3 or higher.

References

medium severity

Directory Traversal

  • Vulnerable module: busybox/busybox-initramfs
  • Introduced through: busybox/busybox-initramfs@1:1.21.0-1ubuntu1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty busybox/busybox-initramfs@1:1.21.0-1ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream busybox package and not the busybox package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.

Remediation

There is no fixed version for Ubuntu:14.04 busybox.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: cpio
  • Introduced through: cpio@2.11+dfsg-1ubuntu1.2
  • Fixed in: 2.11+dfsg-1ubuntu1.2+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty cpio@2.11+dfsg-1ubuntu1.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream cpio package and not the cpio package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.

Remediation

Upgrade Ubuntu:14.04 cpio to version 2.11+dfsg-1ubuntu1.2+esm2 or higher.

References

medium severity

Arbitrary Code Injection

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.20+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.20+esm4 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: curl
  • Introduced through: curl@7.35.0-1ubuntu2.10 and curl/libcurl3@7.35.0-1ubuntu2.10
  • Fixed in: 7.35.0-1ubuntu2.20+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty curl@7.35.0-1ubuntu2.10
  • Introduced through: openresty/openresty@1.11.2.4-trusty curl/libcurl3@7.35.0-1ubuntu2.10

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.

Remediation

Upgrade Ubuntu:14.04 curl to version 7.35.0-1ubuntu2.20+esm2 or higher.

References

medium severity

CVE-2017-10140

  • Vulnerable module: db5.3/libdb5.3
  • Introduced through: db5.3/libdb5.3@5.3.28-3ubuntu3
  • Fixed in: 5.3.28-3ubuntu3.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty db5.3/libdb5.3@5.3.28-3ubuntu3

NVD Description

Note: Versions mentioned in the description apply only to the upstream db5.3 package and not the db5.3 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.

Remediation

Upgrade Ubuntu:14.04 db5.3 to version 5.3.28-3ubuntu3.1 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: e2fsprogs
  • Introduced through: e2fsprogs@1.42.9-3ubuntu1.3, e2fsprogs/e2fslibs@1.42.9-3ubuntu1.3 and others
  • Fixed in: 1.42.9-3ubuntu1.3+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty e2fsprogs@1.42.9-3ubuntu1.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty e2fsprogs/e2fslibs@1.42.9-3ubuntu1.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty e2fsprogs/libcomerr2@1.42.9-3ubuntu1.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty e2fsprogs/libss2@1.42.9-3ubuntu1.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream e2fsprogs package and not the e2fsprogs package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Remediation

Upgrade Ubuntu:14.04 e2fsprogs to version 1.42.9-3ubuntu1.3+esm3 or higher.

References

medium severity

Off-by-one Error

  • Vulnerable module: eglibc/libc-bin
  • Introduced through: eglibc/libc-bin@2.19-0ubuntu6.13, eglibc/libc-dev-bin@2.19-0ubuntu6.13 and others
  • Fixed in: 2.19-0ubuntu6.15+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc-dev-bin@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/libc6-dev@2.19-0ubuntu6.13
  • Introduced through: openresty/openresty@1.11.2.4-trusty eglibc/multiarch-support@2.19-0ubuntu6.13

NVD Description

Note: Versions mentioned in the description apply only to the upstream eglibc package and not the eglibc package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

Remediation

Upgrade Ubuntu:14.04 eglibc to version 2.19-0ubuntu6.15+esm3 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: expat/libexpat1
  • Introduced through: expat/libexpat1@2.1.0-4ubuntu1.4 and expat/libexpat1-dev@2.1.0-4ubuntu1.4
  • Fixed in: 2.1.0-4ubuntu1.4+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1@2.1.0-4ubuntu1.4
  • Introduced through: openresty/openresty@1.11.2.4-trusty expat/libexpat1-dev@2.1.0-4ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

Remediation

Upgrade Ubuntu:14.04 expat to version 2.1.0-4ubuntu1.4+esm4 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: file
  • Introduced through: file@1:5.14-2ubuntu3.3 and file/libmagic1@1:5.14-2ubuntu3.3
  • Fixed in: 1:5.14-2ubuntu3.4+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty file@1:5.14-2ubuntu3.3
  • Introduced through: openresty/openresty@1.11.2.4-trusty file/libmagic1@1:5.14-2ubuntu3.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream file package and not the file package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

Remediation

Upgrade Ubuntu:14.04 file to version 1:5.14-2ubuntu3.4+esm1 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: glib2.0/libglib2.0-0
  • Introduced through: glib2.0/libglib2.0-0@2.40.2-0ubuntu1
  • Fixed in: 2.40.2-0ubuntu1.1+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty glib2.0/libglib2.0-0@2.40.2-0ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream glib2.0 package and not the glib2.0 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.

Remediation

Upgrade Ubuntu:14.04 glib2.0 to version 2.40.2-0ubuntu1.1+esm6 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: json-c/libjson-c2
  • Introduced through: json-c/libjson-c2@0.11-3ubuntu1.2 and json-c/libjson0@0.11-3ubuntu1.2
  • Fixed in: 0.11-3ubuntu1.2+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty json-c/libjson-c2@0.11-3ubuntu1.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty json-c/libjson0@0.11-3ubuntu1.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream json-c package and not the json-c package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

Remediation

Upgrade Ubuntu:14.04 json-c to version 0.11-3ubuntu1.2+esm3 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: libcap2
  • Introduced through: libcap2@1:2.24-0ubuntu2, libcap2/libcap2-bin@1:2.24-0ubuntu2 and others
  • Fixed in: 1:2.24-0ubuntu2+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libcap2@1:2.24-0ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libcap2/libcap2-bin@1:2.24-0ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libcap2/libpam-cap@1:2.24-0ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libcap2 package and not the libcap2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.

Remediation

Upgrade Ubuntu:14.04 libcap2 to version 1:2.24-0ubuntu2+esm1 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: libx11/libx11-6
  • Introduced through: libx11/libx11-6@2:1.6.2-1ubuntu2, libx11/libx11-data@2:1.6.2-1ubuntu2 and others
  • Fixed in: 2:1.6.2-1ubuntu2.1+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-6@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-data@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-dev@2:1.6.2-1ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.

Remediation

Upgrade Ubuntu:14.04 libx11 to version 2:1.6.2-1ubuntu2.1+esm5 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: libx11/libx11-6
  • Introduced through: libx11/libx11-6@2:1.6.2-1ubuntu2, libx11/libx11-data@2:1.6.2-1ubuntu2 and others
  • Fixed in: 2:1.6.2-1ubuntu2.1+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-6@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-data@2:1.6.2-1ubuntu2
  • Introduced through: openresty/openresty@1.11.2.4-trusty libx11/libx11-dev@2:1.6.2-1ubuntu2

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.

Remediation

Upgrade Ubuntu:14.04 libx11 to version 2:1.6.2-1ubuntu2.1+esm1 or higher.

References

medium severity

Double Free

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.13+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.13+esm4 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.10 or higher.

References

medium severity

Use After Free

  • Vulnerable module: libxml2
  • Introduced through: libxml2@2.9.1+dfsg1-3ubuntu4.9 and libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9
  • Fixed in: 2.9.1+dfsg1-3ubuntu4.13+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2@2.9.1+dfsg1-3ubuntu4.9
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxml2/libxml2-dev@2.9.1+dfsg1-3ubuntu4.9

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

Remediation

Upgrade Ubuntu:14.04 libxml2 to version 2.9.1+dfsg1-3ubuntu4.13+esm2 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: libxpm/libxpm-dev
  • Introduced through: libxpm/libxpm-dev@1:3.5.10-1ubuntu0.1 and libxpm/libxpm4@1:3.5.10-1ubuntu0.1
  • Fixed in: 1:3.5.10-1ubuntu0.1+esm2

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty libxpm/libxpm-dev@1:3.5.10-1ubuntu0.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty libxpm/libxpm4@1:3.5.10-1ubuntu0.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxpm package and not the libxpm package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.

Remediation

Upgrade Ubuntu:14.04 libxpm to version 1:3.5.10-1ubuntu0.1+esm2 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: ncurses/libncurses5
  • Introduced through: ncurses/libncurses5@5.9+20140118-1ubuntu1, ncurses/libncurses5-dev@5.9+20140118-1ubuntu1 and others
  • Fixed in: 5.9+20140118-1ubuntu1+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/libncurses5@5.9+20140118-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/libncurses5-dev@5.9+20140118-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/libncursesw5@5.9+20140118-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/libtinfo-dev@5.9+20140118-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/libtinfo5@5.9+20140118-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/ncurses-base@5.9+20140118-1ubuntu1
  • Introduced through: openresty/openresty@1.11.2.4-trusty ncurses/ncurses-bin@5.9+20140118-1ubuntu1

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

Remediation

Upgrade Ubuntu:14.04 ncurses to version 5.9+20140118-1ubuntu1+esm3 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: patch
  • Introduced through: patch@2.7.1-4ubuntu2.3
  • Fixed in: 2.7.1-4ubuntu2.4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty patch@2.7.1-4ubuntu2.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.

Remediation

Upgrade Ubuntu:14.04 patch to version 2.7.1-4ubuntu2.4 or higher.

References

medium severity

OS Command Injection

  • Vulnerable module: patch
  • Introduced through: patch@2.7.1-4ubuntu2.3
  • Fixed in: 2.7.1-4ubuntu2.4+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty patch@2.7.1-4ubuntu2.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.

Remediation

Upgrade Ubuntu:14.04 patch to version 2.7.1-4ubuntu2.4+esm1 or higher.

References

medium severity

OS Command Injection

  • Vulnerable module: patch
  • Introduced through: patch@2.7.1-4ubuntu2.3
  • Fixed in: 2.7.1-4ubuntu2.4+esm1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty patch@2.7.1-4ubuntu2.3

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.

Remediation

Upgrade Ubuntu:14.04 patch to version 2.7.1-4ubuntu2.4+esm1 or higher.

References

medium severity

Improper Verification of Cryptographic Signature

  • Vulnerable module: perl
  • Introduced through: perl@5.18.2-2ubuntu1.1, perl/libperl-dev@5.18.2-2ubuntu1.1 and others
  • Fixed in: 5.18.2-2ubuntu1.7+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty perl@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl-dev@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/libperl5.18@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-base@5.18.2-2ubuntu1.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty perl/perl-modules@5.18.2-2ubuntu1.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

CPAN 2.28 allows Signature Verification Bypass.

Remediation

Upgrade Ubuntu:14.04 perl to version 5.18.2-2ubuntu1.7+esm4 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: procps
  • Introduced through: procps@1:3.3.9-1ubuntu2.2 and procps/libprocps3@1:3.3.9-1ubuntu2.2
  • Fixed in: 1:3.3.9-1ubuntu2.3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty procps@1:3.3.9-1ubuntu2.2
  • Introduced through: openresty/openresty@1.11.2.4-trusty procps/libprocps3@1:3.3.9-1ubuntu2.2

NVD Description

Note: Versions mentioned in the description apply only to the upstream procps package and not the procps package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

Remediation

Upgrade Ubuntu:14.04 procps to version 1:3.3.9-1ubuntu2.3 or higher.

References

medium severity

Arbitrary Command Injection

  • Vulnerable module: sudo
  • Introduced through: sudo@1.8.9p5-1ubuntu1.4
  • Fixed in: 1.8.9p5-1ubuntu1.5+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sudo@1.8.9p5-1ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream sudo package and not the sudo package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

Remediation

Upgrade Ubuntu:14.04 sudo to version 1.8.9p5-1ubuntu1.5+esm5 or higher.

References

medium severity

Improper Privilege Management

  • Vulnerable module: sudo
  • Introduced through: sudo@1.8.9p5-1ubuntu1.4
  • Fixed in: 1.8.9p5-1ubuntu1.5+esm7

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty sudo@1.8.9p5-1ubuntu1.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream sudo package and not the sudo package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.

Remediation

Upgrade Ubuntu:14.04 sudo to version 1.8.9p5-1ubuntu1.5+esm7 or higher.

References

medium severity

Use After Free

  • Vulnerable module: systemd/libudev1
  • Introduced through: systemd/libudev1@204-5ubuntu20.24 and systemd/udev@204-5ubuntu20.24

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty systemd/libudev1@204-5ubuntu20.24
  • Introduced through: openresty/openresty@1.11.2.4-trusty systemd/udev@204-5ubuntu20.24

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.

Remediation

There is no fixed version for Ubuntu:14.04 systemd.

References

medium severity

Divide By Zero

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Improper Input Validation

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.11+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.11+esm6 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.8 or higher.

References

medium severity

Out-of-Bounds

  • Vulnerable module: tiff/libtiff5
  • Introduced through: tiff/libtiff5@4.0.3-7ubuntu0.7, tiff/libtiff5-dev@4.0.3-7ubuntu0.7 and others
  • Fixed in: 4.0.3-7ubuntu0.11+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiff5-dev@4.0.3-7ubuntu0.7
  • Introduced through: openresty/openresty@1.11.2.4-trusty tiff/libtiffxx5@4.0.3-7ubuntu0.7

NVD Description

Note: Versions mentioned in the description apply only to the upstream tiff package and not the tiff package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Remediation

Upgrade Ubuntu:14.04 tiff to version 4.0.3-7ubuntu0.11+esm6 or higher.

References

medium severity

Buffer Over-read

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm8 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

vim is vulnerable to Heap-based Buffer Overflow

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm4 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

vim is vulnerable to Heap-based Buffer Overflow

Remediation

There is no fixed version for Ubuntu:14.04 vim.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

There is no fixed version for Ubuntu:14.04 vim.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm9 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm5 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm5 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm5

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm5 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm8 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm9 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm6 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm6 or higher.

References

medium severity

Heap-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm14

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm14 or higher.

References

medium severity

Integer Overflow or Wraparound

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm10

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm10 or higher.

References

medium severity

NULL Pointer Dereference

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm6 or higher.

References

medium severity

Out-of-Bounds

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm9 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm8 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm8 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Buffer Over-read in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm8 or higher.

References

medium severity

Out-of-bounds Read

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm6 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm3

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

vim is vulnerable to Heap-based Buffer Overflow

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm3 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

There is no fixed version for Ubuntu:14.04 vim.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm9 or higher.

References

medium severity

Out-of-bounds Write

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm15

medium severity

Out-of-bounds Write

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm6

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm6 or higher.

References

medium severity

Stack-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm4

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

vim is vulnerable to Use of Uninitialized Variable

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm4 or higher.

References

medium severity

Stack-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm9 or higher.

References

medium severity

Stack-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm8

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm8 or higher.

References

medium severity

Stack-based Buffer Overflow

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm13

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm13 or higher.

References

medium severity

Use After Free

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1

medium severity

Use After Free

  • Vulnerable module: vim/vim-common
  • Introduced through: vim/vim-common@2:7.4.052-1ubuntu3.1 and vim/vim-tiny@2:7.4.052-1ubuntu3.1
  • Fixed in: 2:7.4.052-1ubuntu3.1+esm9

Detailed paths

  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-common@2:7.4.052-1ubuntu3.1
  • Introduced through: openresty/openresty@1.11.2.4-trusty vim/vim-tiny@2:7.4.052-1ubuntu3.1

NVD Description

Note: Versions mentioned in the description apply only to the upstream vim package and not the vim package as distributed by Ubuntu. See How to fix? for Ubuntu:14.04 relevant fixed versions and status.

vim is vulnerable to Use After Free

Remediation

Upgrade Ubuntu:14.04 vim to version 2:7.4.052-1ubuntu3.1+esm9 or higher.

References