Search CVE reports

11 – 20 of 25 results

Detailed view

Sort by:

CVE-2012-0876

Medium priority

Some fixes available 35 of 382

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption)...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected	Not affected
audacity	Needs evaluation	Not affected	Not affected	Not affected	Not affected
ayttm	Not in release	Not in release	Not in release	Not in release	Vulnerable
cableswig	Not in release	Not in release	Not in release	Not in release	Vulnerable
cadaver	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
celementtree	Not in release	Not in release	Not in release	Not in release	Not in release
cmake	Not affected	Not affected	Not affected	Not affected	Not affected
coin3	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
expat	Not affected	Not affected	Not affected	Not affected	Not affected
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
grmonitor	Not in release	Not in release	Not in release	Not in release	Not in release
insighttoolkit	Not in release	Not in release	Not in release	Not in release	Vulnerable
kompozer	Not in release	Not in release	Not in release	Not in release	Not in release
libparagui1.1	Not in release	Not in release	Not in release	Not in release	Not in release
libxmltok	Not affected	Not affected	Not affected	Not affected	Not affected
matanza	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
paraview	Not affected	Not affected	Not affected	Not affected	Not affected
poco	Not affected	Not affected	Not affected	Not affected	Not affected
python-xml	Not in release	Not in release	Not in release	Not in release	Not in release
python2.4	Not in release	Not in release	Not in release	Not in release	Not in release
python2.5	Not in release	Not in release	Not in release	Not in release	Not in release
python2.6	Not in release	Not in release	Not in release	Not in release	Not in release
simgear	Not affected	Not affected	Not affected	Not affected	Not affected
sitecopy	Not in release	Not affected	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not affected	Not affected
swish-e	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
tdom	Not affected	Not affected	Not affected	Not affected	Not affected
texlive-bin	Not affected	Not affected	Not affected	Not affected	Not affected
tla	Not affected	Not affected	Not affected	Not affected	Not affected
vnc4	Not in release	Not in release	Not in release	Ignored	Ignored
vtk	Not in release	Not in release	Not in release	Not in release	Not affected
w3c-libwww	Not in release	Not in release	Not in release	Not in release	Not in release
wbxml2	Not affected	Not affected	Not affected	Not affected	Not affected
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release	Not in release
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	Not in release	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Fixed	Fixed	Fixed	Fixed	Fixed
xotcl	Not affected	Not affected	Not affected	Not affected	Not affected
xulrunner	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2011-4940

Medium priority

Some fixes available 5 of 7

The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it...

4 affected packages

python2.4, python2.5, python2.6, python2.7

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—

CVE-2012-1150

Medium priority

Some fixes available 9 of 14

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

CVE-2012-0845

Low priority

Some fixes available 11 of 14

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

CVE-2011-1521

Medium priority

Some fixes available 9 of 12

The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

CVE-2011-1015

Low priority

Some fixes available 5 of 7

The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.

4 affected packages

python2.4, python2.5, python2.6, python2.7

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—

CVE-2010-3492

Negligible priority

Ignored

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the...

4 affected packages

python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

CVE-2010-3493

Negligible priority

Some fixes available 4 of 7

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection,...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

CVE-2010-2089

Low priority

Some fixes available 4 of 11

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

CVE-2010-1634

Low priority

Some fixes available 4 of 11

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to...

6 affected packages

python2.4, python2.5, python2.6, python2.7, python3.1, python3.2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
python2.7	—	—	—	—	—
python3.1	—	—	—	—	—
python3.2	—	—	—	—	—

Export to JSON

Results by page: