Search CVE reports
81 – 90 of 42294 results
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat:...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through...
6 affected packages
tomcat6, tomcat7, tomcat8, tomcat9, tomcat10, tomcat11
| Package | 20.04 LTS |
|---|---|
| tomcat6 | — |
| tomcat7 | — |
| tomcat8 | — |
| tomcat9 | Needs evaluation |
| tomcat10 | — |
| tomcat11 | — |
CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path. The decrypt_done($tag) form compares it against the computed tag with memNE (memcmp() != 0), which...
1 affected package
libcryptx-perl
| Package | 20.04 LTS |
|---|---|
| libcryptx-perl | Needs evaluation |
JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growth. In JsMinify (XS.xs) the cleanup frees only the NodeSet structures and never the per-token contents...
1 affected package
libjavascript-minifier-xs-perl
| Package | 20.04 LTS |
|---|---|
| libjavascript-minifier-xs-perl | Needs evaluation |
JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString (XS.xs) inspects...
1 affected package
libjavascript-minifier-xs-perl
| Package | 20.04 LTS |
|---|---|
| libjavascript-minifier-xs-perl | Needs evaluation |
CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as...
1 affected package
libcss-minifier-xs-perl
| Package | 20.04 LTS |
|---|---|
| libcss-minifier-xs-perl | Needs evaluation |
A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when...
1 affected package
p11-kit
| Package | 20.04 LTS |
|---|---|
| p11-kit | Vulnerable |
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with...
5 affected packages
tiff, qtwebengine-opensource-src, texmaker, gdal, neuron
| Package | 20.04 LTS |
|---|---|
| tiff | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation |
| texmaker | Needs evaluation |
| gdal | Not affected |
| neuron | Needs evaluation |
A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes...
4 affected packages
llvm-toolchain-18, llvm-toolchain-19, llvm-toolchain-21, llvm-toolchain-22
| Package | 20.04 LTS |
|---|---|
| llvm-toolchain-18 | Needs evaluation |
| llvm-toolchain-19 | — |
| llvm-toolchain-21 | — |
| llvm-toolchain-22 | — |
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in...
4 affected packages
llvm-toolchain-18, llvm-toolchain-19, llvm-toolchain-21, llvm-toolchain-22
| Package | 20.04 LTS |
|---|---|
| llvm-toolchain-18 | Needs evaluation |
| llvm-toolchain-19 | — |
| llvm-toolchain-21 | — |
| llvm-toolchain-22 | — |