Search CVE reports
421 – 430 of 23512 results
CVE-2024-45239
Medium priorityAn issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a null eContent field. Fort dereferences the...
1 affected packages
fort-validator
| Package | 22.04 LTS |
|---|---|
| fort-validator | Needs evaluation |
CVE-2024-45238
Medium priorityAn issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a bit string that doesn't properly decode into a...
1 affected packages
fort-validator
| Package | 22.04 LTS |
|---|---|
| fort-validator | Needs evaluation |
CVE-2024-45237
Medium priorityAn issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing a Key Usage extension composed of more than two...
1 affected packages
fort-validator
| Package | 22.04 LTS |
|---|---|
| fort-validator | Needs evaluation |
CVE-2024-45236
Medium priorityAn issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a signed object containing an empty signedAttributes field. Fort accesses...
1 affected packages
fort-validator
| Package | 22.04 LTS |
|---|---|
| fort-validator | Needs evaluation |
CVE-2024-45235
Medium priorityAn issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing an Authority Key Identifier extension that lacks...
1 affected packages
fort-validator
| Package | 22.04 LTS |
|---|---|
| fort-validator | Needs evaluation |
CVE-2024-45234
Medium priorityAn issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This...
1 affected packages
fort-validator
| Package | 22.04 LTS |
|---|---|
| fort-validator | Needs evaluation |
CVE-2024-23185
Medium priorityVery large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building...
1 affected packages
dovecot
| Package | 22.04 LTS |
|---|---|
| dovecot | Fixed |
CVE-2024-23184
Medium priorityHaving a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU intensive. With 100k header lines CPU usage is already 12 seconds, and in a production environment we observed 500k header lines taking 18...
1 affected packages
dovecot
| Package | 22.04 LTS |
|---|---|
| dovecot | Fixed |
CVE-2024-22034
Medium priority[Unknown description]
1 affected packages
osc
| Package | 22.04 LTS |
|---|---|
| osc | Needs evaluation |
CVE-2024-42845
Medium priorityNot in release
An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
1 affected packages
invesalius
| Package | 22.04 LTS |
|---|---|
| invesalius | Not in release |