Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7353-1 Related CVEs: CVE-2022-1231 Upstream summary: Tobias S. Fink discovered that PlantUML was susceptible to cross-site scripting attacks (XSS) in instances where SVG images were rendered. An attacker could possibly […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4920-1 Related CVEs: CVE-2019-13132 CVE-2020-15166 CVE-2021-20234 CVE-2021-20235 CVE-2021-20237 Upstream summary: It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7497-1 Related CVEs: CVE-2021-21305 CVE-2023-49090 Upstream summary: Rikita Ishikawa discovered that CarrierWave did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute arbitrary code. This […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7168-1 Related CVEs: CVE-2023-0341 CVE-2024-53849 Upstream summary: It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use these issues to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7603-1 Related CVEs: CVE-2024-35241 CVE-2024-35242 CVE-2024-24821 CVE-2023-43655 CVE-2022-24828 Upstream summary: Thomas Chauchefoin discovered that Composer did not correctly handle certain arguments. An attacker could possibly use this issue to execute […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7168-1 Related CVEs: CVE-2023-0341 CVE-2024-53849 Upstream summary: It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use these issues to […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7208-1 Related CVEs: CVE-2022-42920 Upstream summary: Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4533-1 Related CVEs: https://launchpad.net/bugs/1839431 Upstream summary: Veeti Veteläinen discovered that the LTSP Display Manager (ldm) incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7064-1 Related CVEs: CVE-2024-5742 Upstream summary: It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-2771-1 Related CVEs: https://launchpad.net/bugs/1506467 CVE-2015-8768 Upstream summary: It was discovered that click did not properly perform input sanitization during click package installation. If a user were tricked into installing a […]