Vulnerabilities > Canonical > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-44420 | In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. | 7.3 |
| 2021-11-17 | CVE-2021-3939 | Release of Invalid Pointer or Reference vulnerability in Canonical Accountsservice and Ubuntu Linux Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function. | 7.8 |
| 2021-10-01 | CVE-2021-3626 | Unspecified vulnerability in Canonical Multipass The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. | 8.8 |
| 2021-10-01 | CVE-2021-3747 | Unspecified vulnerability in Canonical Multipass 1.7.0/1.7.1 The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner. | 7.8 |
| 2021-06-11 | CVE-2021-25682 | Injection vulnerability in Canonical Apport It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel. | 7.2 |
| 2021-06-11 | CVE-2021-25683 | Improper Input Validation vulnerability in Canonical Apport It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel. | 7.2 |
| 2021-06-04 | CVE-2021-3489 | Out-of-bounds Write vulnerability in multiple products The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. | 7.2 |
| 2021-06-04 | CVE-2021-3490 | Out-of-bounds Write vulnerability in multiple products The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. | 7.2 |
| 2021-06-04 | CVE-2021-3491 | Out-of-bounds Write vulnerability in multiple products The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. | 7.2 |
| 2021-04-26 | CVE-2020-15078 | Missing Authentication for Critical Function vulnerability in multiple products OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. | 7.5 |