Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/ImageMagick/ImageMagick
https://github.com/xkbcommon/libxkbcommon
https://github.com/FreeRDP/FreeRDP
https://github.com/kyz/libmspack
https://github.com/gpac/gpac
https://github.com/dbry/WavPack
https://github.com/curl/curl
https://github.com/file/file
https://github.com/audreyt/module-signature
https://github.com/LibVNC/libvncserver
https://github.com/rubygems/rubygems
https://github.com/Perl/perl5
https://github.com/libarchive/libarchive
https://github.com/tats/w3m
https://github.com/openvswitch/ovs
https://github.com/ntp-project/ntp
https://github.com/apache/httpd
https://github.com/newsoft/libvncserver
https://github.com/memcached/memcached
https://github.com/WebKit/webkit
https://github.com/libgd/libgd
https://github.com/dosfstools/dosfstools
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/mysql/mysql-server
https://github.com/GNOME/pango
https://github.com/openssh/openssh-portable
https://github.com/dovecot/core
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/beanshell/beanshell
https://github.com/php/php-src
https://github.com/derickr/timelib
https://github.com/glennrp/libpng
https://github.com/openbsd/src
https://git.savannah.gnu.org/git/patch.git
https://github.com/requests/requests
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/simsong/tcpflow
https://github.com/qpdf/qpdf
https://github.com/lxml/lxml
https://github.com/git/git
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/ImageMagick/ImageMagick6
https://github.com/mm2/Little-CMS
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/pyca/cryptography
https://github.com/libimobiledevice/libimobiledevice
https://github.com/jpirko/libndp
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/kennethreitz/requests
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/hexchat/hexchat
https://github.com/mongodb/mongo-python-driver
https://github.com/openstack/glance
https://github.com/openstack/nova
#Vulnerabilities 2262
Date ID Summary Products Score Patch
2019-05-30 CVE-2019-8457 SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. Ubuntu_linux, Fedora, Leap, Sqlite N/A
2019-09-09 CVE-2019-16168 In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." Ubuntu_linux, Fedora, Ontap_select_deploy_administration_utility, Leap, Sqlite N/A
2019-09-13 CVE-2019-15030 In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check. Ubuntu_linux, Linux_kernel, Leap, Enterprise_linux N/A
2019-12-23 CVE-2019-11050 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Ubuntu_linux, Debian_linux, Fedora, Php N/A
2018-06-18 CVE-2018-1060 python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service. Ubuntu_linux, Debian_linux, Fedora, Python, Ansible_tower, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 7.5
2020-01-02 CVE-2013-4532 Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. Ubuntu_linux, Debian_linux, Qemu N/A
2019-12-31 CVE-2013-4357 The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. Ubuntu_linux, Debian_linux, Eglibc, Fedora, Suse_linux_enterprise_server N/A
2020-01-08 CVE-2019-17025 Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72. Ubuntu_linux, Firefox N/A
2020-01-08 CVE-2019-17024 Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation N/A
2020-01-08 CVE-2019-17023 After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72. Ubuntu_linux, Firefox N/A