Package Management

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8168-1 Related CVEs: CVE-2026-33056 Upstream summary: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5251-1 Related CVEs: CVE-2021-45463 Upstream summary: It was discovered that GEGL incorrectly filtered and escaped file path input data when using the C system() function for execution of the ImageMagick […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5849-1 Related CVEs: CVE-2022-45142 CVE-2021-44758 CVE-2022-3437 CVE-2022-42898 CVE-2022-44640 CVE-2022-41916 CVE-2018-16860 CVE-2019-12098  +3 more Upstream summary: Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4766-1 Related CVEs: CVE-2014-0114 CVE-2019-10086 Upstream summary: It was discovered that Apache Commons BeanUtils improperly handled certain input. An attacker could possibly use this vulnerability to cause a crash or […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8233-1 Related CVEs: CVE-2026-27135 CVE-2019-9511 CVE-2019-9513 CVE-2023-44487 CVE-2024-28182 Upstream summary: Andrew MacPherson discovered that nghttp2 did not properly validate internal state when the session termination API was called. A remote […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8138-1 Related CVEs: CVE-2026-33056 Upstream summary: It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4812-1 Related CVEs: CVE-2017-14227 CVE-2018-16790 Upstream summary: It was discovered that libbson incorrectly validated input length. An attacker could possibly use this issue to cause a denial of service. This […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-5451-1 Related CVEs: CVE-2019-20933 Upstream summary: Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user. Table of contents Symptom […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8115-1 Related CVEs: CVE-2026-27459 CVE-2026-27448 Upstream summary: It was discovered that pyOpenSSL incorrectly handled exceptions in the tlsext_servername callback. This could result in connections being accepted after an exception, contrary […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8194-1 Related CVEs: CVE-2026-33347 CVE-2025-46734 CVE-2026-30838 Upstream summary: It was discovered that league/commonmark did not properly restrict unsafe attributes when the Attributes extension was enabled. An attacker could possibly use […]