Search CVE reports
51 – 60 of 429 results
CVE-2022-24729
Low priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-24728
Medium priorityCKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-24614
Medium priorityWhen reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. This could be used to mount a...
1 affected packages
libmetadata-extractor-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmetadata-extractor-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-24613
Low prioritymetadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services...
1 affected packages
libmetadata-extractor-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libmetadata-extractor-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-23853
Medium priorityThe LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it...
2 affected packages
kate, ktexteditor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kate | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ktexteditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-21363
Medium priorityVulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network...
1 affected packages
mysql-connector-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mysql-connector-java | — | — | — | Needs evaluation | Needs evaluation |
CVE-2021-41165
Medium priorityCKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-41164
Medium priorityCKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ckeditor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2021-43174
Low priorityNLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions...
2 affected packages
cfrpki, routinator
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cfrpki | — | Not affected | — | — | Ignored |
| routinator | — | — | — | — | Ignored |
CVE-2021-43173
Medium priorityIn NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall...
4 affected packages
cfrpki, fort-validator, routinator, rpki-client
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cfrpki | Not in release | Not affected | — | — | Ignored |
| fort-validator | Not affected | Not affected | Needs evaluation | — | Ignored |
| routinator | — | — | — | — | Ignored |
| rpki-client | Not affected | Not affected | — | — | Ignored |