IT, Cloud & DevOps Blog


Ubuntu 14.04 — snapd — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5292-4 Related CVEs: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1961365 https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1961791 CVE-2021-3155 CVE-2021-4120 CVE-2021-44730 CVE-2021-44731 CVE-2019-7303 https://launchpad.net/bugs/1812973  +2 more Upstream summary: USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced a regression that could break […]


Ubuntu 20.04 — awstats — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5899-1 Related CVEs: CVE-2022-46391 CVE-2017-1000501 CVE-2020-29600 CVE-2020-35176 Upstream summary: It was discovered that AWStats did not properly sanitize the content of whois responses in the hostinfo plugin. An attacker could […]


Ubuntu 18.04 — adminer — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5271-1 Related CVEs: CVE-2020-35572 CVE-2021-21311 CVE-2021-29625 Upstream summary: It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly […]


Ubuntu 16.04 — openjpeg2 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7223-1 Related CVEs: CVE-2024-56826 CVE-2024-56827 CVE-2021-29338 CVE-2021-3575 CVE-2022-1122 CVE-2023-39327 CVE-2020-6851 CVE-2020-8112  +12 more Upstream summary: Frank Zeng discovered that OpenJPEG incorrectly handled memory when using the decompression utility. An attacker […]


Ubuntu 22.04 — civicrm — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8242-1 Related CVEs: CVE-2023-28447 Upstream summary: Takuya Aramaki discovered that Smarty, vendored in CiviCRM, did not properly escape JavaScript code. An attacker could possibly use this issue to conduct a […]


Ubuntu 22.04 — golang-1.18 — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7109-1 Related CVEs: CVE-2022-41723 CVE-2022-41724 CVE-2022-41725 CVE-2023-24531 CVE-2023-24536 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404  +12 more Upstream summary: Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use […]


Ubuntu 14.04 — apr-util — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5870-1 Related CVEs: CVE-2022-25147 CVE-2017-12618 Upstream summary: Ronald Crane discovered that APR-util did not properly handle memory when encoding or decoding certain input data. An attacker could possibly use this […]


Ubuntu 18.04 — libinput — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5382-1 Related CVEs: CVE-2022-1215 Upstream summary: Albin Eldstål-Ahrens and Lukas Lamster discovered libinput did not properly handle input devices with specially crafted names. A local attacker with physical access could […]


Ubuntu 18.04 — spip — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7318-1 Related CVEs: CVE-2022-23638 CVE-2022-28959 CVE-2022-28960 CVE-2022-28961 CVE-2022-37155 CVE-2023-24258 CVE-2023-27372 CVE-2024-8517  +12 more Upstream summary: It was discovered that svg-sanitizer, vendored in SPIP, did not properly sanitize SVG/XML content. An […]


Ubuntu 20.04 — libpodofo — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7217-1 Related CVEs: CVE-2017-5886 CVE-2018-11255 CVE-2018-12983 CVE-2018-20797 CVE-2018-5308 CVE-2018-8002 CVE-2019-10723 CVE-2020-18971  +2 more Upstream summary: It was discovered that the PoDoFo library could dereference a NULL pointer when getting the […]
