Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 5 of 5 results

CVE-2023-1672

Medium priority

Some fixes available 4 of 5

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

1 affected packages

tang

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tang Fixed Fixed Fixed Ignored
Show less packages

CVE-2022-33977

Medium priority
Ignored

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts recursive entity references in DTDs. By exploiting this vulnerability, a remote unauthenticated attacker...

1 affected packages

python-untangle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-untangle Not in release Not in release Not in release Not in release
Show less packages

CVE-2022-31471

Medium priority
Ignored

untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earlier improperly restricts XML external entity references. By exploiting this vulnerability, a remote unauthenticated attacker may...

1 affected packages

python-untangle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
python-untangle Not in release Not in release Not in release Not in release
Show less packages

CVE-2021-4076

Medium priority
Ignored

A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of private keys.

1 affected packages

tang

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tang Not affected Not affected Not affected Ignored
Show less packages

CVE-2010-3381

Low priority
Ignored

The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current...

1 affected packages

tangerine

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
tangerine
Show less packages