Search CVE reports
101 – 110 of 37401 results
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2....
2 affected packages
pypdf, pypdf2
| Package | 20.04 LTS |
|---|---|
| pypdf | — |
| pypdf2 | Needs evaluation |
Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal....
1 affected package
node-rollup
| Package | 20.04 LTS |
|---|---|
| node-rollup | Needs evaluation |
[Unknown description]
2 affected packages
libsoup2.4, libsoup3
| Package | 20.04 LTS |
|---|---|
| libsoup2.4 | Needs evaluation |
| libsoup3 | — |
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the...
1 affected package
libimage-exiftool-perl
| Package | 20.04 LTS |
|---|---|
| libimage-exiftool-perl | Not affected |
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
9 affected packages
firefox, thunderbird, mozjs38, mozjs52, mozjs68...
| Package | 20.04 LTS |
|---|---|
| firefox | — |
| thunderbird | — |
| mozjs38 | — |
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
Race condition in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
9 affected packages
mozjs52, mozjs68, mozjs78, mozjs91, mozjs102...
| Package | 20.04 LTS |
|---|---|
| mozjs52 | Ignored |
| mozjs68 | Ignored |
| mozjs78 | — |
| mozjs91 | — |
| mozjs102 | — |
| mozjs115 | — |
| firefox | — |
| thunderbird | — |
| mozjs38 | — |