Search CVE reports
61 – 70 of 38290 results
Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt
2 affected packages
golang-github-boltdb-bolt, golang-github-coreos-bbolt
| Package | 20.04 LTS |
|---|---|
| golang-github-boltdb-bolt | Needs evaluation |
| golang-github-coreos-bbolt | Needs evaluation |
Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Needs evaluation |
Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for...
1 affected package
hugo
| Package | 20.04 LTS |
|---|---|
| hugo | Needs evaluation |
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to...
3 affected packages
golang-github-go-jose-go-jose, golang-github-go-jose-go-jose.v3, golang-gopkg-square-go-jose.v2
| Package | 20.04 LTS |
|---|---|
| golang-github-go-jose-go-jose | — |
| golang-github-go-jose-go-jose.v3 | — |
| golang-gopkg-square-go-jose.v2 | Needs evaluation |
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction...
1 affected package
tar
| Package | 20.04 LTS |
|---|---|
| tar | Needs evaluation |
Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader`...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Vulnerable |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an...
1 affected package
python-lupa
| Package | 20.04 LTS |
|---|---|
| python-lupa | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |