Search CVE reports
351 – 360 of 30790 results
Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service
1 affected package
wireshark
| Package | 26.04 LTS |
|---|---|
| wireshark | Needs evaluation |
Not in release
HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a...
1 affected package
nomad
| Package | 26.04 LTS |
|---|---|
| nomad | Not in release |
Not in release
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary...
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
Not in release
GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level...
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
Not in release
GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role...
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
Not in release
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create...
1 affected package
gitlab
| Package | 26.04 LTS |
|---|---|
| gitlab | Not in release |
Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a maliciously crafted package from an untrusted repository other than Packagist.org or Private Packagist can cause Composer to...
1 affected package
composer
| Package | 26.04 LTS |
|---|---|
| composer | Needs evaluation |
Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, when Composer is run with -vvv debug verbosity, it could print a credential embedded in the username slot of a repository or package URL, such as a...
1 affected package
composer
| Package | 26.04 LTS |
|---|---|
| composer | Needs evaluation |
Composer is a dependency Manager for the PHP language. Prior to 2.2.29 and 2.10.2, a Composer package bin entry containing .. path segments can resolve outside the package install directory and cause Composer's binary installation...
1 affected package
composer
| Package | 26.04 LTS |
|---|---|
| composer | Needs evaluation |
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker...
2 affected packages
pypdf, pypdf2
| Package | 26.04 LTS |
|---|---|
| pypdf | Needs evaluation |
| pypdf2 | Not in release |