Search CVE reports
121 – 130 of 26941 results
CVE-2024-52304
Medium priority
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.11, the Python parser parses newlines in chunk extensions incorrectly which can lead to request smuggling vulnerabilities under...
1 affected package
python-aiohttp
Package | 20.04 LTS |
---|---|
python-aiohttp | Needs evaluation |
CVE-2024-52303
Medium priority
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an...
1 affected package
python-aiohttp
Package | 20.04 LTS |
---|---|
python-aiohttp | Needs evaluation |
CVE-2024-47533
Medium priority
Not in release
Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and...
1 affected package
cobbler
Package | 20.04 LTS |
---|---|
cobbler | Not in release |
CVE-2024-43416
Medium priority
Not in release
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user....
1 affected package
glpi
Package | 20.04 LTS |
---|---|
glpi | Not in release |
CVE-2024-52318
Medium priority
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Package | 20.04 LTS |
---|---|
tomcat10 | Not in release |
tomcat6 | Not in release |
tomcat7 | Not in release |
tomcat8 | Not in release |
tomcat9 | Needs evaluation |
CVE-2024-52317
Medium priority
Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Package | 20.04 LTS |
---|---|
tomcat10 | Not in release |
tomcat6 | Not in release |
tomcat7 | Not in release |
tomcat8 | Not in release |
tomcat9 | Needs evaluation |
CVE-2024-52316
Medium priority
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Package | 20.04 LTS |
---|---|
tomcat10 | Not in release |
tomcat6 | Not in release |
tomcat7 | Not in release |
tomcat8 | Not in release |
tomcat9 | Needs evaluation |
CVE-2024-48901
Medium priority
Not in release
A vulnerability was found in Moodle. Additional checks are required to ensure users can only access the schedule of a report if they have permission to edit that report.
1 affected package
moodle
Package | 20.04 LTS |
---|---|
moodle | Not in release |
CVE-2024-48898
Medium priority
Not in release
A vulnerability was found in Moodle. Users with access to delete audiences from reports could delete audiences from other reports that they do not have permission to delete from.
1 affected package
moodle
Package | 20.04 LTS |
---|---|
moodle | Not in release |
CVE-2024-48897
Medium priority
Not in release
A vulnerability was found in Moodle. Additional checks are required to ensure users can only edit or delete RSS feeds that they have permission to modify.
1 affected package
moodle
Package | 20.04 LTS |
---|---|
moodle | Not in release |