Search CVE reports
71 – 80 of 34575 results
A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2....
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 22.04 LTS |
|---|---|
| webkitgtk | Not in release |
| webkit2gtk | Needs evaluation |
| qtwebkit-source | Not in release |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | Ignored |
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing...
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 22.04 LTS |
|---|---|
| webkitgtk | Not in release |
| webkit2gtk | Needs evaluation |
| qtwebkit-source | Not in release |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | Ignored |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web...
5 affected packages
webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit
| Package | 22.04 LTS |
|---|---|
| webkitgtk | Not in release |
| webkit2gtk | Needs evaluation |
| qtwebkit-source | Not in release |
| qtwebkit-opensource-src | Ignored |
| wpewebkit | Ignored |
Missing cryptographic key commitment in the AWS SDK for Ruby may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction...
1 affected package
ruby-aws-sdk
| Package | 22.04 LTS |
|---|---|
| ruby-aws-sdk | Needs evaluation |
Not in release
Missing cryptographic key commitment in the AWS SDK for PHP may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction...
1 affected package
aws-sdk-for-php
| Package | 22.04 LTS |
|---|---|
| aws-sdk-for-php | Not in release |
[Unknown description]
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 22.04 LTS |
|---|---|
| php5 | Not in release |
| php7.0 | Not in release |
| php7.2 | Not in release |
| php7.4 | Not in release |
| php8.1 | Needs evaluation |
| php8.3 | Not in release |
| php8.4 | Not in release |
[Unknown description]
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 22.04 LTS |
|---|---|
| php5 | Not in release |
| php7.0 | Not in release |
| php7.2 | Not in release |
| php7.4 | Not in release |
| php8.1 | Needs evaluation |
| php8.3 | Not in release |
| php8.4 | Not in release |
[Unknown description]
7 affected packages
php5, php7.0, php7.2, php7.4, php8.1...
| Package | 22.04 LTS |
|---|---|
| php5 | Not in release |
| php7.0 | Not in release |
| php7.2 | Not in release |
| php7.4 | Not in release |
| php8.1 | Needs evaluation |
| php8.3 | Not in release |
| php8.4 | Not in release |
In jose4j before 0.9.5, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it...
1 affected package
libjose4j-java
| Package | 22.04 LTS |
|---|---|
| libjose4j-java | Needs evaluation |
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio....
1 affected package
python-jose
| Package | 22.04 LTS |
|---|---|
| python-jose | Needs evaluation |