Search CVE reports
1 – 10 of 42354 results
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
1 affected package
mediawiki
| Package | 20.04 LTS |
|---|---|
| mediawiki | Needs evaluation |
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to...
1 affected package
async-http-client
| Package | 20.04 LTS |
|---|---|
| async-http-client | Needs evaluation |
In versions prior to 7.1.2-26he, the `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. This issue has been fixed in version 7.1.2-26.
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder. This issue has...
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will...
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a missing depth check in the MVG decoder will result in a stack overflow when a crafted image...
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write...
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when identifying an image with a crafted 8BIM profile with a specific format string a...
1 affected package
imagemagick
| Package | 20.04 LTS |
|---|---|
| imagemagick | Needs evaluation |
mchange-commons-java is a Java library of shared utility classes used by mchange projects like the c3p0 connection pool. Prior to version 0.6.0, its JNDI ObjectFactory implementation (com.mchange.v2.naming.JavaBeanObjectFactory)...
1 affected package
c3p0
| Package | 20.04 LTS |
|---|---|
| c3p0 | Needs evaluation |