Search CVE reports

Toggle filters

941 – 950 of 2435 results

CVE-2022-26383

Medium priority

Some fixes available 16 of 24

When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

7 affected packages

firefox, mozjs38, mozjs52, thunderbird, firefox-esr...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
thunderbird Fixed Fixed Fixed Fixed
firefox-esr
mozjs68 Not in release Not in release Ignored Not in release
mozjs78 Not in release Ignored Not in release Not in release
Show all 7 packages Show less packages

CVE-2022-26381

Medium priority

Some fixes available 16 of 24

An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash. This vulnerability affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird < 91.7.

7 affected packages

firefox, mozjs38, mozjs52, mozjs68, thunderbird...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Fixed
mozjs38 Not in release Not in release Not in release Ignored
mozjs52 Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Ignored Not in release
thunderbird Fixed Fixed Fixed Fixed
firefox-esr
mozjs78 Not in release Ignored Not in release Not in release
Show all 7 packages Show less packages

CVE-2022-24713

Medium priority

Some fixes available 11 of 13

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by...

3 affected packages

firefox, thunderbird, rust-regex

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed
thunderbird Not affected Fixed Fixed
rust-regex Fixed Fixed
Show less packages

CVE-2022-25315

Medium priority

Some fixes available 23 of 113

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.

24 affected packages

cadaver, apache2, apr-util, ayttm, cableswig...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Needs evaluation
expat Fixed Fixed Fixed Fixed Fixed
firefox Fixed Fixed Fixed Not in release Ignored
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored Ignored
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libxmltok Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not in release Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Ignored Ignored Ignored Not in release Ignored
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Not in release Needs evaluation
vtk Not in release Not in release Not in release Not in release Not in release
Show all 24 packages Show less packages

CVE-2022-25314

Medium priority

Some fixes available 21 of 111

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.

24 affected packages

thunderbird, ayttm, cableswig, cadaver, apache2...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
thunderbird Ignored Ignored Ignored Not in release Ignored
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Needs evaluation
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
firefox Fixed Fixed Fixed Not in release Ignored
expat Fixed Fixed Fixed Fixed Fixed
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
libxmltok Not in release Not affected Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored Ignored
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
smart Not in release Not in release Not in release Not in release Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not in release Needs evaluation
vtk Not in release Not in release Not in release Not in release Not in release
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 24 packages Show less packages

CVE-2022-25313

Medium priority

Some fixes available 23 of 113

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

24 affected packages

ayttm, apache2, apr-util, cmake, cadaver...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ayttm Not in release Not in release Not in release Not in release Not in release
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
matanza Ignored Ignored Ignored Ignored Ignored
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
thunderbird Ignored Ignored Ignored Not in release Ignored
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
firefox Fixed Fixed Fixed Not in release Ignored
cableswig Not in release Not in release Not in release Not in release Not in release
coin3 Not affected Not affected Not affected Not affected Needs evaluation
expat Fixed Fixed Fixed Fixed Fixed
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
libxmltok Not in release Not affected Not affected Not affected Not affected
smart Not in release Not in release Not in release Not in release Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Not in release Needs evaluation
vtk Not in release Not in release Not in release Not in release Not in release
Show all 24 packages Show less packages

CVE-2022-0566

Medium priority
Fixed

It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1.

1 affected package

thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
thunderbird Fixed Fixed Fixed
Show less packages

CVE-2022-23639

Medium priority

Some fixes available 11 of 39

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was...

11 affected packages

rust-crossbeam-utils, rust-crossbeam-utils-0.7, firefox, mozjs38, librsvg...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
rust-crossbeam-utils Not affected Not affected Vulnerable Vulnerable Not in release
rust-crossbeam-utils-0.7 Not in release Not in release Vulnerable Not in release Not in release
firefox Fixed Fixed Fixed Not in release Ignored
mozjs38 Not in release Not in release Not in release Not in release Ignored
librsvg Not affected Not affected Not affected Not affected Not affected
mozjs78 Not in release Not in release Ignored Not in release Not in release
rustc Not in release Not affected Fixed Fixed Not affected
thunderbird Ignored Ignored Ignored Not in release Ignored
cargo Not in release Not in release Not affected Not affected Not affected
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored Not in release
Show all 11 packages Show less packages

CVE-2022-25236

High priority

Some fixes available 45 of 105

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

24 affected packages

apache2, apr-util, cmake, expat, ghostscript...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
expat Fixed Fixed Fixed Fixed Fixed
ghostscript Not affected Not affected Not affected Not affected Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
matanza Ignored Ignored Ignored Ignored Ignored
insighttoolkit Not in release Not in release Not in release Not in release Not in release
swish-e Fixed Fixed Fixed Fixed Fixed
libxmltok Not in release Fixed Fixed Fixed Fixed
vnc4 Not in release Not in release Not in release Not in release Not affected
wbxml2 Not affected Not affected Not affected Not affected Not affected
xmlrpc-c Not affected Fixed Fixed Fixed Fixed
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Fixed
firefox Fixed Fixed Fixed Not in release Ignored
gdcm Not affected Not affected Not affected Not affected Not affected
tdom Not affected Not affected Not affected Not affected Needs evaluation
smart Not in release Not in release Not in release Not in release Not affected
thunderbird Ignored Ignored Ignored Not in release Ignored
vtk Not in release Not in release Not in release Not in release Not in release
Show all 24 packages Show less packages

CVE-2022-25235

High priority

Some fixes available 45 of 105

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

24 affected packages

firefox, smart, vtk, thunderbird, apache2...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Fixed Fixed Fixed Not in release Ignored
smart Not in release Not in release Not in release Not in release Not affected
vtk Not in release Not in release Not in release Not in release Not in release
thunderbird Ignored Ignored Ignored Not in release Ignored
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
cmake Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Not in release
cableswig Not in release Not in release Not in release Not in release Not in release
cadaver Not affected Not affected Not affected Not affected Not affected
expat Fixed Fixed Fixed Fixed Fixed
vnc4 Not in release Not in release Not in release Not in release Not affected
swish-e Fixed Fixed Fixed Fixed Fixed
wbxml2 Not affected Not affected Not affected Needs evaluation Not affected
xmlrpc-c Not affected Fixed Fixed Fixed Fixed
libxmltok Not in release Fixed Fixed Fixed Fixed
tdom Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Fixed
matanza Ignored Ignored Ignored Ignored Ignored
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit4 Not in release Not in release Not affected Not affected Not affected
insighttoolkit Not in release Not in release Not in release Not in release Not in release
texlive-bin Not affected Not affected Not affected Not affected Not affected
Show all 24 packages Show less packages
  1. Previous page
  2. 93
  3. 94
  4. 95
  5. 96
  6. 97
  7. Next page
Export to JSON