CVE search results

411 – 420 of 1235 results

Detailed view

Sort by:

CVE-2022-24728

Medium priority

Vulnerable

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	Not in release	Not affected	Vulnerable	Vulnerable	Vulnerable
ckeditor3	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-24720

Medium priority

Some fixes available 2 of 4

image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized...

1 affected package

ruby-image-processing

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ruby-image-processing	—	Not affected	Fixed	Fixed	—

CVE-2021-3610

Medium priority

Some fixes available 9 of 12

A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	Fixed	Fixed	Fixed	Not affected	Not affected

CVE-2021-3596

Low priority

Not affected

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	Not affected	Not affected	Not affected

CVE-2022-23935

Medium priority

Vulnerable

lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection.

1 affected package

libimage-exiftool-perl

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libimage-exiftool-perl	Not affected	Not affected	Needs evaluation	Vulnerable	Vulnerable

CVE-2021-44716

Medium priority

Some fixes available 8 of 23

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests.

8 affected packages

golang-1.11, golang-1.17, golang-1.7, golang-1.8, golang-golang-x-net...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-1.11	Not in release	Not in release	Not in release	Not in release	Not in release
golang-1.17	Not in release	Not in release	Vulnerable	Not in release	Not in release
golang-1.7	Not in release	Not in release	Not in release	Not in release	Not in release
golang-1.8	Not in release	Not in release	Not in release	Not in release	Vulnerable
golang-golang-x-net	Not affected	Not affected	Not affected	Not in release	Not in release
golang-golang-x-net-dev	Not in release	Not in release	Not in release	Vulnerable	Vulnerable
google-guest-agent	Fixed	Fixed	Fixed	Fixed	Vulnerable
golang-1.15	—	—	—	Not in release	Not in release

CVE-2021-3962

Medium priority

Not affected

A flaw was found in ImageMagick where it did not properly sanitize certain input before using it to invoke convert processes. This flaw allows an attacker to create a specially crafted image that leads to a...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	—	—	Not affected	Not affected	Not affected

CVE-2021-41165

Medium priority

Needs evaluation

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject...

4 affected packages

ckeditor, ckeditor3, ldap-account-manager, request-tracker4

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor	Not in release	Not affected	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor3	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-41164

Medium priority

Needs evaluation

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to...

4 affected packages

ckeditor3, ldap-account-manager, request-tracker4, ckeditor

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ckeditor3	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ldap-account-manager	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
request-tracker4	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ckeditor	Not in release	Not affected	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-39212

Low priority

Some fixes available 10 of 12

ImageMagick is free software delivered as a ready-to-run binary distribution or as source code that you may use, copy, modify, and distribute in both open and proprietary applications. In affected versions and in certain cases,...

1 affected package

imagemagick

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
imagemagick	Fixed	Fixed	Fixed	Fixed	Not affected

Export to JSON

Results by page:

Search CVE reports