Search CVE reports
1 – 10 of 39869 results
An information disclosure vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command....
1 affected package
ubuntu-advantage-tools
| Package | 24.04 LTS |
|---|---|
| ubuntu-advantage-tools | Fixed |
An insecure symlink following vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools) within the pro collect-logs command framework. The utility creates or utilizes predictable temporary file paths or...
1 affected package
ubuntu-advantage-tools
| Package | 24.04 LTS |
|---|---|
| ubuntu-advantage-tools | Fixed |
An input validation and injection vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The client constructs APT source files (such as /etc/apt/sources.list.d/ubuntu-<name>.list or their DEB822...
1 affected package
ubuntu-advantage-tools
| Package | 24.04 LTS |
|---|---|
| ubuntu-advantage-tools | Fixed |
[Unknown description]
1 affected package
netatalk
| Package | 24.04 LTS |
|---|---|
| netatalk | Needs evaluation |
[Unknown description]
1 affected package
netatalk
| Package | 24.04 LTS |
|---|---|
| netatalk | Needs evaluation |
[Unknown description]
1 affected package
netatalk
| Package | 24.04 LTS |
|---|---|
| netatalk | Needs evaluation |
[Unknown description]
1 affected package
netatalk
| Package | 24.04 LTS |
|---|---|
| netatalk | Needs evaluation |
[Unknown description]
1 affected package
trafficserver
| Package | 24.04 LTS |
|---|---|
| trafficserver | Needs evaluation |
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline_len. In the bundled libsyck newline_len and is_newline dereference the scan pointer, and the following byte for a "\r\n"...
1 affected package
libyaml-syck-perl
| Package | 24.04 LTS |
|---|---|
| libyaml-syck-perl | Needs evaluation |
YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syck_hdlr_add_anchor. In the bundled libsyck an anchor name allocated by syck_strndup is stored both as...
1 affected package
libyaml-syck-perl
| Package | 24.04 LTS |
|---|---|
| libyaml-syck-perl | Needs evaluation |