Search CVE reports
1 – 10 of 60 results
[BOM-shift PV-corruption SIGABRT]
1 affected package
libcpanel-json-xs-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcpanel-json-xs-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[dupkeys_as_arrayref type confusion]
1 affected package
libcpanel-json-xs-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcpanel-json-xs-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large numeric range like {1..10000000},...
1 affected package
node-brace-expansion
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| node-brace-expansion | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an exception, the serialized JSON string...
3 affected packages
ujson, pandas, collada2gltf
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ujson | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pandas | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| collada2gltf | Not in release | Not in release | Needs evaluation | — | Needs evaluation |
The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and 1.1.13, a brace pattern with a zero step value (e.g., `{1..2..0}`) causes the sequence...
1 affected package
node-brace-expansion
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| node-brace-expansion | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps() crashes the...
3 affected packages
collada2gltf, pandas, ujson
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| collada2gltf | Not in release | Not in release | Not affected | — | Not affected |
| pandas | Not affected | Not affected | Not affected | Not affected | Not affected |
| ujson | Fixed | Fixed | Fixed | Not affected | Not affected |
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1])...
3 affected packages
collada2gltf, pandas, ujson
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| collada2gltf | Not in release | Not in release | Not affected | — | Not affected |
| pandas | Not affected | Not affected | Not affected | Not affected | Not affected |
| ujson | Fixed | Fixed | Not affected | Not affected | Not affected |
@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an...
1 affected package
node-brace-expansion
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| node-brace-expansion | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the `to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database.
1 affected package
python-geopandas
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| python-geopandas | — | Fixed | Fixed | Not affected | Not affected |
Some fixes available 5 of 8
Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact.
1 affected package
libcpanel-json-xs-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcpanel-json-xs-perl | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |