Search CVE reports
91 – 100 of 516 results
Some fixes available 10 of 22
Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth...
5 affected packages
edk2, nodejs, openssl, openssl-fips, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Fixed | Fixed | Vulnerable | Needs evaluation |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Needs evaluation |
| openssl | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| openssl-fips | Not in release | Fixed | Not in release | Not in release | Not in release |
| openssl1.0 | Not in release | Not in release | Not in release | Not in release | Not affected |
A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to...
1 affected package
rust-openssl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| rust-openssl | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | — |
Some fixes available 14 of 21
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Fixed | Fixed | Vulnerable | Needs evaluation |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssl1.0 | Not in release | Not in release | Not in release | Not in release | Fixed |
Some fixes available 8 of 11
Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Fixed | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl1.0 | Not in release | Not in release | Not in release | Not in release | Not affected |
Some fixes available 7 of 10
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector...
4 affected packages
edk2, nodejs, openssl, openssl1.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| edk2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| nodejs | Not affected | Not affected | Vulnerable | Not affected | Not affected |
| openssl | Fixed | Fixed | Fixed | Not affected | Not affected |
| openssl1.0 | Not in release | Not in release | Not in release | Not in release | Not affected |
OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE:...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | — | Not affected | Not affected | Not affected |
| openssh-ssh1 | — | — | Not affected | Not affected | Not affected |
Some fixes available 4 of 19
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.
9 affected packages
firefox, mozjs102, mozjs38, mozjs52, mozjs68...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| firefox | Not affected | Not affected | Not affected | Fixed | Ignored |
| mozjs102 | Not in release | Ignored | Ignored | Not in release | Not in release |
| mozjs38 | Not in release | Not in release | Not in release | Not in release | Ignored |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | Not in release |
| mozjs78 | Not in release | Not in release | Ignored | Not in release | Not in release |
| mozjs91 | Not in release | Not in release | Ignored | Not in release | Not in release |
| nss | Not affected | Not affected | Fixed | Fixed | Needs evaluation |
| thunderbird | Not affected | Not affected | Not affected | Not in release | Ignored |
Some fixes available 11 of 21
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssh-ssh1 | Ignored | Ignored | Ignored | Ignored | Ignored |
Some fixes available 5 of 11
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | Fixed | Fixed | Not affected | Not affected |
| openssh-ssh1 | — | Ignored | Ignored | Ignored | Ignored |
Some fixes available 46 of 95
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation...
13 affected packages
dropbear, filezilla, golang-go.crypto, libssh, libssh2...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dropbear | Needs evaluation | Needs evaluation | Fixed | Fixed | Fixed |
| filezilla | Fixed | Fixed | Fixed | Fixed | Not affected |
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libssh | Not affected | Not affected | Fixed | Fixed | Not affected |
| libssh2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| lxd | Not in release | Not in release | Not in release | Not affected | Fixed |
| openssh | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssh-ssh1 | Ignored | Ignored | Ignored | Ignored | Ignored |
| paramiko | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| proftpd-dfsg | Needs evaluation | Not affected | Not affected | Fixed | Needs evaluation |
| putty | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| python-asyncssh | Fixed | Fixed | Fixed | Fixed | Ignored |
| snapd | Not affected | Not affected | Not affected | Not affected | Not affected |