Search CVE reports
1 – 10 of 14 results
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0...
5 affected packages
mongodb, zlib, rsync, klibc, zsync
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation |
| zlib | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| rsync | Not affected | Not affected | Vulnerable | Vulnerable |
| klibc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| zsync | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE:...
3 affected packages
zlib, rsync, klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| zlib | Not affected | Not affected | Not affected | Not affected |
| rsync | Not affected | Not affected | Not affected | Not affected |
| klibc | Not affected | Not affected | Not affected | Not affected |
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle...
3 affected packages
rsync, zlib, klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| rsync | Not affected | Not affected | Fixed | Fixed |
| zlib | Not affected | Fixed | Fixed | Fixed |
| klibc | Fixed | Fixed | Fixed | Fixed |
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
5 affected packages
rsync, zlib, mariadb-10.3, mariadb-10.6, klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| rsync | Not affected | Not affected | Fixed | Fixed |
| zlib | Fixed | Fixed | Fixed | Fixed |
| mariadb-10.3 | — | Not in release | Fixed | Not in release |
| mariadb-10.6 | Not in release | Fixed | Not in release | Not in release |
| klibc | Fixed | Fixed | Fixed | Fixed |
Some fixes available 4 of 6
An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.
1 affected package
klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| klibc | — | Not affected | Fixed | Fixed |
Some fixes available 4 of 6
An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.
1 affected package
klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| klibc | — | Not affected | Fixed | Fixed |
Some fixes available 4 of 6
An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.
1 affected package
klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| klibc | — | Not affected | Fixed | Fixed |
Some fixes available 4 of 6
An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.
1 affected package
klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| klibc | — | Not affected | Fixed | Fixed |
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with...
1 affected package
klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| klibc | — | — | — | — |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-1930. Reason: This candidate is a reservation duplicate of CVE-2011-1930. Notes: All CVE users should reference CVE-2011-1930 instead of this candidate. ...
1 affected package
klibc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| klibc | — | — | — | — |