Search for packages
| purl | pkg:deb/ubuntu/bzr@2.5.1-0ubuntu1 |
| Next non-vulnerable version | 2.6.0+bzr6593-1ubuntu1.6 |
| Latest non-vulnerable version | 2.7.0-2ubuntu3.1 |
| Risk | 4.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-us5b-bv9a-aaaa
Aliases: CVE-2013-2099 |
Uncontrolled Resource Consumption Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. |
Affected by 1 other vulnerability. |
|
VCID-v7ad-3uep-aaar
Aliases: CVE-2017-14176 |
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|