Search CVE reports
31 – 40 of 43 results
CVE-2015-1283
Medium prioritySome fixes available 37 of 233
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or...
33 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
audacity | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
ayttm | Not in release | Not in release | Not in release | Not in release | Vulnerable |
cableswig | Not in release | Not in release | Not in release | Not in release | Vulnerable |
cadaver | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
chromium-browser | Fixed | Fixed | Fixed | Fixed | Fixed |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coin3 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
expat | Not affected | Not affected | Not affected | Not affected | Not affected |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Vulnerable |
kompozer | Not in release | Not in release | Not in release | Not in release | Not in release |
libparagui1.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
libxmltok | Vulnerable | Fixed | Fixed | Fixed | Fixed |
matanza | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
oxide-qt | Not in release | Not in release | Not in release | Not in release | Fixed |
poco | Not affected | Not affected | Not affected | Not affected | Not affected |
simgear | Not affected | Not affected | Not affected | Not affected | Not affected |
sitecopy | Not in release | Not affected | Not affected | Not affected | Not affected |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
tdom | Not affected | Not affected | Not affected | Not affected | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tla | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Vulnerable | Fixed |
vtk | Not in release | Not in release | Not in release | Not in release | Not affected |
wbxml2 | Not affected | Not affected | Not affected | Not affected | Not affected |
wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
xmlrpc-c | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
xotcl | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2013-0340
Medium priorityexpat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption),...
40 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | — | — | — | — | — |
apr-util | — | — | — | — | — |
audacity | — | — | — | — | — |
ayttm | — | — | — | — | — |
cableswig | — | — | — | — | — |
cadaver | — | — | — | — | — |
celementtree | — | — | — | — | — |
cmake | — | — | — | — | — |
coin3 | — | — | — | — | — |
expat | — | — | — | — | — |
gdcm | — | — | — | — | — |
ghostscript | — | — | — | — | — |
grmonitor | — | — | — | — | — |
insighttoolkit | — | — | — | — | — |
kompozer | — | — | — | — | — |
libparagui1.1 | — | — | — | — | — |
matanza | — | — | — | — | — |
paraview | — | — | — | — | — |
poco | — | — | — | — | — |
python-xml | — | — | — | — | — |
python2.4 | — | — | — | — | — |
python2.5 | — | — | — | — | — |
python2.6 | — | — | — | — | — |
simgear | — | — | — | — | — |
sitecopy | — | — | — | — | — |
smart | — | — | — | — | — |
swish-e | — | — | — | — | — |
tdom | — | — | — | — | — |
texlive-bin | — | — | — | — | — |
tla | — | — | — | — | — |
vnc4 | — | — | — | — | — |
vtk | — | — | — | — | — |
w3c-libwww | — | — | — | — | — |
wbxml2 | — | — | — | — | — |
wxwidgets2.6 | — | — | — | — | — |
wxwidgets2.8 | — | — | — | — | — |
wxwindows2.4 | — | — | — | — | — |
xmlrpc-c | — | — | — | — | — |
xotcl | — | — | — | — | — |
xulrunner | — | — | — | — | — |
CVE-2012-6702
Medium prioritySome fixes available 5 of 100
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
32 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
audacity | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
ayttm | Not in release | Not in release | Not in release | Not in release | Not affected |
cableswig | Not in release | Not in release | Not in release | Not in release | Not affected |
cadaver | Not affected | Not affected | Not affected | Not affected | Not affected |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coin3 | Not affected | Not affected | Not affected | Not affected | Not affected |
expat | Not affected | Not affected | Not affected | Not affected | Fixed |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Vulnerable |
kompozer | Not in release | Not in release | Not in release | Not in release | Not in release |
libparagui1.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
libxmltok | Not affected | Not affected | Not affected | Not affected | Not affected |
matanza | Not affected | Not affected | Not affected | Not affected | Not affected |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
poco | Not affected | Not affected | Not affected | Not affected | Not affected |
simgear | Not affected | Not affected | Not affected | Not affected | Not affected |
sitecopy | Not in release | Not affected | Not affected | Not affected | Not affected |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Not affected | Not affected | Not affected | Not affected | Not affected |
tdom | Not affected | Not affected | Not affected | Not affected | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tla | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Ignored | Ignored |
vtk | Not in release | Not in release | Not in release | Not in release | Not affected |
wbxml2 | Not affected | Not affected | Not affected | Not affected | Not affected |
wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
xmlrpc-c | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
xotcl | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2012-1147
Low priorityreadfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
40 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | — | — | — | Ignored | Ignored |
apr-util | — | — | — | Ignored | Ignored |
audacity | — | — | — | Not affected | Not affected |
ayttm | — | — | — | Not in release | Not affected |
cableswig | — | — | — | Not in release | Not affected |
cadaver | — | — | — | Not affected | Not affected |
celementtree | — | — | — | Not in release | Not in release |
cmake | — | — | — | Ignored | Ignored |
coin3 | — | — | — | Not affected | Not affected |
expat | — | — | — | Not affected | Not affected |
gdcm | — | — | — | Not affected | Not affected |
ghostscript | — | — | — | Ignored | Ignored |
grmonitor | — | — | — | Not in release | Not in release |
insighttoolkit | — | — | — | Not in release | Not affected |
kompozer | — | — | — | Not in release | Not in release |
libparagui1.1 | — | — | — | Not in release | Not in release |
matanza | — | — | — | Not affected | Not affected |
paraview | — | — | — | Not affected | Not affected |
poco | — | — | — | Not affected | Not affected |
python-xml | — | — | — | Not in release | Not in release |
python2.4 | — | — | — | Not in release | Not in release |
python2.5 | — | — | — | Not in release | Not in release |
python2.6 | — | — | — | Not in release | Not in release |
simgear | — | — | — | Not affected | Not affected |
sitecopy | — | — | — | Not affected | Not affected |
smart | — | — | — | Ignored | Ignored |
swish-e | — | — | — | Not affected | Not affected |
tdom | — | — | — | Not affected | Not affected |
texlive-bin | — | — | — | Ignored | Ignored |
tla | — | — | — | Not affected | Not affected |
vnc4 | — | — | — | Ignored | Ignored |
vtk | — | — | — | Not in release | Not affected |
w3c-libwww | — | — | — | Not in release | Not in release |
wbxml2 | — | — | — | Not affected | Not affected |
wxwidgets2.6 | — | — | — | Not in release | Not in release |
wxwidgets2.8 | — | — | — | Not in release | Not in release |
wxwindows2.4 | — | — | — | Not in release | Not in release |
xmlrpc-c | — | — | — | Ignored | Ignored |
xotcl | — | — | — | Not affected | Not affected |
xulrunner | — | — | — | Not in release | Not in release |
CVE-2012-1148
Low prioritySome fixes available 39 of 391
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause...
41 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
audacity | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
ayttm | Not in release | Not in release | Not in release | Not in release | Vulnerable |
cableswig | Not in release | Not in release | Not in release | Not in release | Vulnerable |
cadaver | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
celementtree | Not in release | Not in release | Not in release | Not in release | Not in release |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coin3 | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
expat | Not affected | Not affected | Not affected | Not affected | Not affected |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
grmonitor | Not in release | Not in release | Not in release | Not in release | Not in release |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Vulnerable |
kompozer | Not in release | Not in release | Not in release | Not in release | Not in release |
libparagui1.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
libxmltok | Vulnerable | Fixed | Fixed | Fixed | Fixed |
matanza | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
poco | Not affected | Not affected | Not affected | Not affected | Not affected |
python-xml | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
simgear | Not affected | Not affected | Not affected | Not affected | Not affected |
sitecopy | Not in release | Not affected | Not affected | Not affected | Not affected |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
tdom | Not affected | Not affected | Not affected | Not affected | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tla | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Ignored | Ignored |
vtk | Not in release | Not in release | Not in release | Not in release | Not affected |
w3c-libwww | Not in release | Not in release | Not in release | Not in release | Not in release |
wbxml2 | Not affected | Not affected | Not affected | Not affected | Not affected |
wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwindows2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
xmlrpc-c | Fixed | Fixed | Fixed | Fixed | Fixed |
xotcl | Not affected | Not affected | Not affected | Not affected | Not affected |
xulrunner | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2012-0876
Medium prioritySome fixes available 35 of 382
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption)...
41 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
audacity | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
ayttm | Not in release | Not in release | Not in release | Not in release | Vulnerable |
cableswig | Not in release | Not in release | Not in release | Not in release | Vulnerable |
cadaver | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
celementtree | Not in release | Not in release | Not in release | Not in release | Not in release |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coin3 | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
expat | Not affected | Not affected | Not affected | Not affected | Not affected |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
grmonitor | Not in release | Not in release | Not in release | Not in release | Not in release |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Vulnerable |
kompozer | Not in release | Not in release | Not in release | Not in release | Not in release |
libparagui1.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
libxmltok | Not affected | Not affected | Not affected | Not affected | Not affected |
matanza | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
poco | Not affected | Not affected | Not affected | Not affected | Not affected |
python-xml | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
simgear | Not affected | Not affected | Not affected | Not affected | Not affected |
sitecopy | Not in release | Not affected | Not affected | Not affected | Not affected |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
tdom | Not affected | Not affected | Not affected | Not affected | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tla | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Ignored | Ignored |
vtk | Not in release | Not in release | Not in release | Not in release | Not affected |
w3c-libwww | Not in release | Not in release | Not in release | Not in release | Not in release |
wbxml2 | Not affected | Not affected | Not affected | Not affected | Not affected |
wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwindows2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
xmlrpc-c | Fixed | Fixed | Fixed | Fixed | Fixed |
xotcl | Not affected | Not affected | Not affected | Not affected | Not affected |
xulrunner | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2010-1623
Medium prioritySome fixes available 6 of 7
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other...
2 affected packages
apache2, apr-util
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | — | — | — | — | — |
apr-util | — | — | — | — | — |
CVE-2009-3560
Medium prioritySome fixes available 77 of 499
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed...
41 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
audacity | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
ayttm | Not in release | Not in release | Not in release | Not in release | Not affected |
cableswig | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
cadaver | Not affected | Not affected | Not affected | Not affected | Not affected |
celementtree | Not in release | Not in release | Not in release | Not in release | Not in release |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coin3 | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
expat | Fixed | Fixed | Fixed | Fixed | Fixed |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
grmonitor | Not in release | Not in release | Not in release | Not in release | Not in release |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Not affected |
kompozer | Not in release | Not in release | Not in release | Not in release | Not in release |
libparagui1.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
libxmltok | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
matanza | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
poco | Not affected | Not affected | Not affected | Not affected | Not affected |
python-xml | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
simgear | Not affected | Not affected | Not affected | Not affected | Not affected |
sitecopy | Not in release | Not affected | Not affected | Not affected | Not affected |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tdom | Not affected | Not affected | Not affected | Not affected | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tla | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Not affected | Not affected |
vtk | Not in release | Not in release | Not in release | Not in release | Not affected |
w3c-libwww | Not in release | Not in release | Not in release | Not in release | Not in release |
wbxml2 | Not affected | Not affected | Not affected | Not affected | Not affected |
wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwindows2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
xmlrpc-c | Fixed | Fixed | Fixed | Fixed | Fixed |
xotcl | Not affected | Not affected | Not affected | Not affected | Not affected |
xulrunner | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2009-3720
Low prioritySome fixes available 77 of 527
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML...
41 affected packages
apache2, apr-util, audacity, ayttm, cableswig...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
audacity | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
ayttm | Not in release | Not in release | Not in release | Not in release | Not affected |
cableswig | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
cadaver | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
celementtree | Not in release | Not in release | Not in release | Not in release | Not in release |
cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
coin3 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
expat | Fixed | Fixed | Fixed | Fixed | Fixed |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
grmonitor | Not in release | Not in release | Not in release | Not in release | Not in release |
insighttoolkit | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
kompozer | Not in release | Not in release | Not in release | Not in release | Not in release |
libparagui1.1 | Not in release | Not in release | Not in release | Not in release | Not in release |
libxmltok | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
matanza | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
poco | Not affected | Not affected | Not affected | Not affected | Not affected |
python-xml | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.5 | Not in release | Not in release | Not in release | Not in release | Not in release |
python2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
simgear | Not affected | Not affected | Not affected | Not affected | Not affected |
sitecopy | Not in release | Not affected | Not affected | Not affected | Not affected |
smart | Not in release | Not in release | Not in release | Not affected | Not affected |
swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tdom | Not affected | Not affected | Not affected | Not affected | Not affected |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tla | Not affected | Not affected | Not affected | Not affected | Not affected |
vnc4 | Not in release | Not in release | Not in release | Not affected | Not affected |
vtk | Not in release | Not in release | Not in release | Not in release | Not affected |
w3c-libwww | Not in release | Not in release | Not in release | Not in release | Not in release |
wbxml2 | Not affected | Not affected | Not affected | Not affected | Not affected |
wxwidgets2.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwidgets2.8 | Not in release | Not in release | Not in release | Not in release | Not in release |
wxwindows2.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
xmlrpc-c | Fixed | Fixed | Fixed | Fixed | Fixed |
xotcl | Not affected | Not affected | Not affected | Not affected | Not affected |
xulrunner | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2009-2412
Medium priorityMultiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly...
3 affected packages
apache2, apr, apr-util
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
apache2 | — | — | — | — | — |
apr | — | — | — | — | — |
apr-util | — | — | — | — | — |