Search CVE reports
331 – 340 of 30790 results
Not in release
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level...
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.5.32 and 3.6.13, when etcd is configured with --listen-client-http-urls to split HTTP and gRPC client endpoints onto separate listeners, the...
1 affected package
etcd
| Package | 26.04 LTS |
|---|---|
| etcd | Needs evaluation |
Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination...
1 affected package
rust-wasmtime
| Package | 26.04 LTS |
|---|---|
| rust-wasmtime | Needs evaluation |
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured no_auth_user through a parser path used when the first...
1 affected package
nats-server
| Package | 26.04 LTS |
|---|---|
| nats-server | Needs evaluation |
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when...
1 affected package
nats-server
| Package | 26.04 LTS |
|---|---|
| nats-server | Needs evaluation |
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying...
1 affected package
nats-server
| Package | 26.04 LTS |
|---|---|
| nats-server | Needs evaluation |
py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo._read() in archiveinfo.py used an O(n^2) cumulative sum pattern for...
1 affected package
py7zr
| Package | 26.04 LTS |
|---|---|
| py7zr | Needs evaluation |
py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, py7zr's Worker.decompress() extracted archive entries without tracking total decompressed...
1 affected package
py7zr
| Package | 26.04 LTS |
|---|---|
| py7zr | Needs evaluation |
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the...
1 affected package
python-asyncssh
| Package | 26.04 LTS |
|---|---|
| python-asyncssh | Needs evaluation |
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309...
1 affected package
python-asyncssh
| Package | 26.04 LTS |
|---|---|
| python-asyncssh | Needs evaluation |