Search CVE reports


Toggle filters

81 – 84 of 84 results


CVE-2023-39318

Medium priority

Some fixes available 8 of 21

The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts,...

13 affected packages

golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang Not in release Not in release Not in release Not in release Not in release
golang-1.10 Not in release Not in release Not in release Not in release Needs evaluation
golang-1.13 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
golang-1.14 Not in release Not in release Not in release Needs evaluation Not in release
golang-1.16 Not in release Not in release Not in release Needs evaluation Needs evaluation
golang-1.17 Not in release Not in release Fixed Not in release Not in release
golang-1.18 Not in release Not in release Fixed Fixed Fixed
golang-1.19 Not in release Not in release Not in release Not in release Not in release
golang-1.20 Not in release Not in release Fixed Fixed Not in release
golang-1.21 Not in release Not affected Not affected Not affected Not in release
golang-1.6 Not in release Not in release Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Not in release Needs evaluation
golang-1.9 Not in release Not in release Not in release Not in release Needs evaluation
Show all 13 packages Show less packages

CVE-2022-41725

Medium priority

Some fixes available 6 of 18

A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This...

14 affected packages

containerd, golang, golang-1.10, golang-1.13, golang-1.14...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
containerd Not affected Not affected Not affected Not affected Not affected
golang Not in release Not in release Not in release Not in release Not in release
golang-1.10 Not in release Not in release Not in release Not in release Vulnerable
golang-1.13 Not in release Not in release Vulnerable Vulnerable Vulnerable
golang-1.14 Not in release Not in release Not in release Vulnerable Not in release
golang-1.16 Not in release Not in release Not in release Vulnerable Vulnerable
golang-1.17 Not in release Not in release Fixed Not in release Not in release
golang-1.18 Not in release Not in release Fixed Fixed Fixed
golang-1.19 Not in release Not in release Not in release Not in release Not in release
golang-1.20 Not in release Not in release Not affected Not affected Not in release
golang-1.21 Not in release Not affected Not affected Not affected Not in release
golang-1.6 Not in release Not in release Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Not in release Vulnerable
golang-1.9 Not in release Not in release Not in release Not in release Vulnerable
Show all 14 packages Show less packages

CVE-2022-41724

Medium priority

Some fixes available 6 of 12

Large handshake records may cause panics in crypto/tls. Both clients and servers may send large TLS handshake records which cause servers and clients, respectively, to panic when attempting to construct responses. This affects all...

13 affected packages

golang, golang-1.10, golang-1.13, golang-1.14, golang-1.16...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
golang Not in release Not in release Not in release Not in release Not in release
golang-1.10 Not in release Not in release Not in release Not in release Not affected
golang-1.13 Not in release Not in release Vulnerable Vulnerable Vulnerable
golang-1.14 Not in release Not in release Not in release Vulnerable Not in release
golang-1.16 Not in release Not in release Not in release Vulnerable Vulnerable
golang-1.17 Not in release Not in release Fixed Not in release Not in release
golang-1.18 Not in release Not in release Fixed Fixed Fixed
golang-1.19 Not in release Not in release Not in release Not in release Not in release
golang-1.20 Not in release Not in release Not affected Not affected Not in release
golang-1.21 Not in release Not affected Not affected Not affected Not in release
golang-1.6 Not in release Not in release Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Not in release Not affected
golang-1.9 Not in release Not in release Not in release Not in release Not affected
Show all 13 packages Show less packages

CVE-2022-41723

Medium priority

Some fixes available 23 of 38

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

20 affected packages

adsys, containerd, golang, golang-1.10, golang-1.13...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
adsys Not affected Not affected Not affected Fixed
containerd Not affected Not affected Not affected Not affected Not affected
golang Not in release Not in release Not in release Not in release Not in release
golang-1.10 Not in release Not in release Not in release Not in release Vulnerable
golang-1.13 Not in release Not in release Vulnerable Vulnerable Vulnerable
golang-1.14 Not in release Not in release Not in release Vulnerable Not in release
golang-1.16 Not in release Not in release Not in release Vulnerable Vulnerable
golang-1.17 Not in release Not in release Fixed Not in release Not in release
golang-1.18 Not in release Not in release Fixed Fixed Fixed
golang-1.19 Not in release Not in release Not in release Not in release Not in release
golang-1.20 Not in release Not in release Not affected Not affected Not in release
golang-1.21 Not in release Not affected Not affected Not affected Not in release
golang-1.6 Not in release Not in release Not in release Not in release Not in release
golang-1.8 Not in release Not in release Not in release Not in release Vulnerable
golang-1.9 Not in release Not in release Not in release Not in release Vulnerable
golang-golang-x-net Not affected Not affected Fixed Not in release Not in release
golang-golang-x-net-dev Not in release Not in release Not in release Fixed Fixed
google-guest-agent Fixed Fixed Fixed Fixed Fixed
juju-core Not in release Not in release Not in release
lxd Not in release Not in release Not in release Not affected Fixed
Show all 20 packages Show less packages