Search CVE reports
811 – 820 of 39047 results
Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for...
1 affected package
hugo
| Package | 20.04 LTS |
|---|---|
| hugo | Needs evaluation |
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to...
3 affected packages
golang-github-go-jose-go-jose, golang-github-go-jose-go-jose.v3, golang-gopkg-square-go-jose.v2
| Package | 20.04 LTS |
|---|---|
| golang-github-go-jose-go-jose | — |
| golang-github-go-jose-go-jose.v3 | — |
| golang-gopkg-square-go-jose.v2 | Needs evaluation |
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction...
1 affected package
tar
| Package | 20.04 LTS |
|---|---|
| tar | Vulnerable |
Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader`...
1 affected package
vim
| Package | 20.04 LTS |
|---|---|
| vim | Fixed |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
Lupa integrates the runtimes of Lua or LuaJIT2 into CPython. In 2.6 and earlier, attribute_filter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an...
1 affected package
python-lupa
| Package | 20.04 LTS |
|---|---|
| python-lupa | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR...
1 affected package
openexr
| Package | 20.04 LTS |
|---|---|
| openexr | Needs evaluation |