Search CVE reports
1 – 5 of 5 results
Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.
1 affected package
node-cipher-base
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| node-cipher-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R...
1 affected package
r-base
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| r-base | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
The R programming languageās default package manager CRAN is affected by a path traversal vulnerability that can lead to server compromise. This vulnerability affects packages installed via the R CMD install cli command or the...
1 affected package
r-base
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| r-base | Not affected | Not affected | Vulnerable | Vulnerable |
Some fixes available 2 of 6
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An...
1 affected package
r-base
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| r-base | — | Not affected | Not affected | Not affected |
javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
2 affected packages
r-base, r-base-core-ra
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| r-base | — | Not affected | Not affected | Not affected |
| r-base-core-ra | — | — | — | — |