Action not permitted
Modal body text goes here.
Modal Title
Modal Body
usn-6550-1
Vulnerability from osv_ubuntu
It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could, through PHP injection, possibly use this issue to execute arbitrary code. (CVE-2022-29221)
It was discovered that Moment.js, that is integrated in the PostfixAdmin code, was using an inefficient parsing algorithm when processing date strings in the RFC 2822 standard. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-31129)
It was discovered that Smarty, that is integrated in the PostfixAdmin code, was not properly escaping JavaScript code. An attacker could possibly use this issue to conduct cross-site scripting attacks (XSS). (CVE-2023-28447)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2022-29221",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-28447",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.0.2-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.0.2-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-2"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2022-29221",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-28447",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:20.04:LTS"
}
},
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.2.1-3ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.2.1-3ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.1-3ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.2.1-2",
"3.2.1-3"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2022-29221",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2022-31129",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2023-28447",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:22.04:LTS"
}
},
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.10-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.10-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.10-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.7-1",
"3.3.10-2"
]
}
],
"aliases": [],
"details": "It was discovered that Smarty, that is integrated in the PostfixAdmin\ncode, was not properly sanitizing user input when generating templates. An\nattacker could, through PHP injection, possibly use this issue to execute\narbitrary code. (CVE-2022-29221)\n\nIt was discovered that Moment.js, that is integrated in the PostfixAdmin\ncode, was using an inefficient parsing algorithm when processing date\nstrings in the RFC 2822 standard. An attacker could possibly use this\nissue to cause a denial of service. This issue only affected Ubuntu 22.04\nLTS. (CVE-2022-31129)\n\nIt was discovered that Smarty, that is integrated in the PostfixAdmin\ncode, was not properly escaping JavaScript code. An attacker could\npossibly use this issue to conduct cross-site scripting attacks (XSS).\n(CVE-2023-28447)\n",
"id": "USN-6550-1",
"modified": "2026-04-27T14:11:32Z",
"published": "2023-12-12T12:15:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6550-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-29221"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-31129"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2023-28447"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "postfixadmin vulnerabilities",
"upstream": [
"UBUNTU-CVE-2022-29221",
"UBUNTU-CVE-2022-31129",
"UBUNTU-CVE-2023-28447"
]
}
ubuntu-cve-2022-29221
Vulnerability from osv_ubuntu
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds.
{
"affected": [
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "collabtive",
"binary_version": "2.0+dfsg-6ubuntu1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "collabtive",
"purl": "pkg:deb/ubuntu/collabtive@2.0+dfsg-6ubuntu1.1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.0+dfsg-6",
"2.0+dfsg-6ubuntu1",
"2.0+dfsg-6ubuntu1.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "galette",
"binary_version": "0.8+dfsg-1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "galette",
"purl": "pkg:deb/ubuntu/galette@0.8+dfsg-1ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.8+dfsg-1",
"0.8+dfsg-1ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-connectivity",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-dhcp",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-dhcp-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-dns",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-dns-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-fai",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-fai-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-gofax",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-gofon",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-goto",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-kolab",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-kolab-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-ldapmanager",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-mail",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-mit-krb5",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-mit-krb5-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-nagios",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-nagios-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-netatalk",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-opengroupware",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-openxchange",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-openxchange-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-opsi",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-phpgw",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-phpgw-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-phpscheduleit",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-phpscheduleit-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-pptp",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-pptp-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-pureftpd",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-pureftpd-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-rolemanagement",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-rsyslog",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-samba",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-scalix",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-squid",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-ssh",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-ssh-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-sudo",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-sudo-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-systems",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-uw-imap",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-plugin-webdav",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.7.4+reloaded2-9ubuntu1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.7.4+reloaded2-9ubuntu1.1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.4+reloaded2-2",
"2.7.4+reloaded2-5",
"2.7.4+reloaded2-6",
"2.7.4+reloaded2-7",
"2.7.4+reloaded2-8",
"2.7.4+reloaded2-9",
"2.7.4+reloaded2-9ubuntu1",
"2.7.4+reloaded2-9ubuntu1.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.21-1ubuntu1+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.21-1ubuntu1+esm2?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.21-1",
"3.1.21-1ubuntu1",
"3.1.21-1ubuntu1+esm1",
"3.1.21-1ubuntu1+esm2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-connectivity",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-dhcp",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-dhcp-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-dns",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-dns-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-gofax",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-gofon",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-goto",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-kolab",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-kolab-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-ldapmanager",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-mail",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-mit-krb5",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-mit-krb5-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-nagios",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-nagios-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-netatalk",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-opengroupware",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-openxchange",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-openxchange-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-phpgw",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-phpgw-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-phpscheduleit",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-phpscheduleit-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-pptp",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-pptp-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-pureftpd",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-pureftpd-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-rolemanagement",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-rsyslog",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-samba",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-scalix",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-squid",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-ssh",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-ssh-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-sudo",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-sudo-schema",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-systems",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-uw-imap",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-plugin-webdav",
"binary_version": "2.7.4+reloaded3-3"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.7.4+reloaded3-3"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.7.4+reloaded3-3?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.4+reloaded2-13ubuntu1",
"2.7.4+reloaded3-2ubuntu1",
"2.7.4+reloaded3-3"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.0.2-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.0.2-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.31+20161214.1.c7d42e4+selfpack1-2",
"3.1.31+20161214.1.c7d42e4+selfpack1-3",
"3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1",
"3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-connectivity",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-dhcp",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-dhcp-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-dns",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-dns-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-gofax",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-gofon",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-goto",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-kolab",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-kolab-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-ldapmanager",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-mail",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-mit-krb5",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-mit-krb5-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-nagios",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-nagios-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-netatalk",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-opengroupware",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-openxchange",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-openxchange-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-phpgw",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-phpgw-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-phpscheduleit",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-phpscheduleit-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-pptp",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-pptp-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-pureftpd",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-pureftpd-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-rolemanagement",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-rsyslog",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-samba",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-scalix",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-squid",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-ssh",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-ssh-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-sudo",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-sudo-schema",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-systems",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-uw-imap",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-plugin-webdav",
"binary_version": "2.7.4+reloaded3-11"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.7.4+reloaded3-11"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.7.4+reloaded3-11?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.4+reloaded3-10",
"2.7.4+reloaded3-10ubuntu1",
"2.7.4+reloaded3-11"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.2.1-3ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.2.1-3ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.1-3ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.2.1-2",
"3.2.1-3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1+esm1?arch=source\u0026distro=esm-apps/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.33+20180830.1.3a78a21f+selfpack1-1",
"3.1.34+20190228.1.c9f0de05+selfpack1-1",
"3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1~esm1",
"3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1",
"3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1+esm1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-connectivity",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-dhcp",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-dhcp-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-dns",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-dns-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-gofax",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-gofon",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-goto",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-kolab",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-kolab-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-ldapmanager",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-mail",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-mit-krb5",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-mit-krb5-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-nagios",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-nagios-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-netatalk",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-opengroupware",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-openxchange",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-openxchange-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-phpgw",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-phpgw-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-phpscheduleit",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-phpscheduleit-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-pptp",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-pptp-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-pureftpd",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-pureftpd-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-rolemanagement",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-rsyslog",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-samba",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-scalix",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-squid",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-ssh",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-ssh-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-sudo",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-sudo-schema",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-systems",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-uw-imap",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-plugin-webdav",
"binary_version": "2.7.4+reloaded3-16build1"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.7.4+reloaded3-16build1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.7.4+reloaded3-16build1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.7.4+reloaded3-16build1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.39-2ubuntu1.22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.39-2ubuntu1.22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.39-2ubuntu1.22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.39-2",
"3.1.39-2ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.10-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.10-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.10-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.7-1",
"3.3.10-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.8~git20230203.10abe45+dfsg-11"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.8~git20230203.10abe45+dfsg-11?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.8~git20230203.10abe45+dfsg-8",
"2.8~git20230203.10abe45+dfsg-9",
"2.8~git20230203.10abe45+dfsg-10",
"2.8~git20230203.10abe45+dfsg-11"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.8~git20230203.10abe45+dfsg-19?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.8~git20230203.10abe45+dfsg-18",
"2.8~git20230203.10abe45+dfsg-19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gosa",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-desktop",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-de",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-en",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-fr",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-help-nl",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
},
{
"binary_name": "gosa-schema",
"binary_version": "2.8~git20230203.10abe45+dfsg-19"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "gosa",
"purl": "pkg:deb/ubuntu/gosa@2.8~git20230203.10abe45+dfsg-19?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.8~git20230203.10abe45+dfsg-19"
]
}
],
"aliases": [],
"details": "Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds.",
"id": "UBUNTU-CVE-2022-29221",
"modified": "2026-05-20T14:55:59Z",
"published": "2022-05-24T15:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-29221"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/releases/tag/v3.1.45"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/releases/tag/v4.1.1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6012-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6550-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29221"
}
],
"related": [
"USN-6012-1",
"USN-6550-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2022-29221"
]
}
ubuntu-cve-2022-31129
Vulnerability from osv_ubuntu
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:2.6.12-1"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:2.6.12-1"
},
{
"binary_name": "python-gnucash",
"binary_version": "1:2.6.12-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:2.6.12-1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.6.6-2ubuntu2",
"1:2.6.9-1ubuntu1",
"1:2.6.12-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "libjs-moment",
"binary_version": "2.11.0+ds-1ubuntu0.1~esm1"
},
{
"binary_name": "node-moment",
"binary_version": "2.11.0+ds-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "node-moment",
"purl": "pkg:deb/ubuntu/node-moment@2.11.0+ds-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.10.6+dfsg-1",
"2.11.0+ds-1",
"2.11.0+ds-1ubuntu0.1~esm1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ntopng",
"binary_version": "2.2+dfsg1-1ubuntu0.1~esm2"
},
{
"binary_name": "ntopng-data",
"binary_version": "2.2+dfsg1-1ubuntu0.1~esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "ntopng",
"purl": "pkg:deb/ubuntu/ntopng@2.2+dfsg1-1ubuntu0.1~esm2?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.2.1+dfsg1-2ubuntu1",
"2.0+dfsg1-1",
"2.2+dfsg1-1",
"2.2+dfsg1-1build1",
"2.2+dfsg1-1ubuntu0.1~esm2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "0.7.20+dfsg-1"
},
{
"binary_name": "sabnzbdplus-theme-classic",
"binary_version": "0.7.20+dfsg-1"
},
{
"binary_name": "sabnzbdplus-theme-iphone",
"binary_version": "0.7.20+dfsg-1"
},
{
"binary_name": "sabnzbdplus-theme-mobile",
"binary_version": "0.7.20+dfsg-1"
},
{
"binary_name": "sabnzbdplus-theme-plush",
"binary_version": "0.7.20+dfsg-1"
},
{
"binary_name": "sabnzbdplus-theme-smpl",
"binary_version": "0.7.20+dfsg-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@0.7.20+dfsg-1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.7.20-1",
"0.7.20+dfsg-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "4.4.2+dfsg-1ubuntu1"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "4.4.2+dfsg-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentyfifteen",
"binary_version": "4.4.2+dfsg-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentyfourteen",
"binary_version": "4.4.2+dfsg-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentysixteen",
"binary_version": "4.4.2+dfsg-1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@4.4.2+dfsg-1ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.3+dfsg-1",
"4.3.1+dfsg-1",
"4.4+dfsg-1",
"4.4.1+dfsg-1",
"4.4.2+dfsg-1",
"4.4.2+dfsg-1ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libjs-moment",
"binary_version": "2.20.1+ds-1ubuntu0.1"
},
{
"binary_name": "node-moment",
"binary_version": "2.20.1+ds-1ubuntu0.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "node-moment",
"purl": "pkg:deb/ubuntu/node-moment@2.20.1+ds-1ubuntu0.1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.20.1+ds-1ubuntu0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.18.1+ds-1",
"2.19.1+ds-1",
"2.19.2+ds-1",
"2.19.3+ds-1",
"2.19.4+ds-1",
"2.20.1+ds-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:2.6.19-1"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:2.6.19-1"
},
{
"binary_name": "python-gnucash",
"binary_version": "1:2.6.19-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:2.6.19-1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:2.6.17-1ubuntu1",
"1:2.6.18-1",
"1:2.6.19-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "mediawiki",
"binary_version": "1:1.27.4-3"
},
{
"binary_name": "mediawiki-classes",
"binary_version": "1:1.27.4-3"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "mediawiki",
"purl": "pkg:deb/ubuntu/mediawiki@1:1.27.4-3?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:1.27.3-1",
"1:1.27.4-1",
"1:1.27.4-2",
"1:1.27.4-3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ntopng",
"binary_version": "3.2+dfsg1-1ubuntu0.1~esm2"
},
{
"binary_name": "ntopng-data",
"binary_version": "3.2+dfsg1-1ubuntu0.1~esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "ntopng",
"purl": "pkg:deb/ubuntu/ntopng@3.2+dfsg1-1ubuntu0.1~esm2?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.4+dfsg1-3",
"2.4+dfsg1-4",
"3.2+dfsg1-1",
"3.2+dfsg1-1ubuntu0.1~esm2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "2.3.2+dfsg-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@2.3.2+dfsg-1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.1+dfsg-1",
"2.3.1+dfsg-1",
"2.3.2+dfsg-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "golang-github-syncthing-syncthing-dev",
"binary_version": "0.14.43+ds1-6"
},
{
"binary_name": "syncthing",
"binary_version": "0.14.43+ds1-6"
},
{
"binary_name": "syncthing-discosrv",
"binary_version": "0.14.43+ds1-6"
},
{
"binary_name": "syncthing-relaysrv",
"binary_version": "0.14.43+ds1-6"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "syncthing",
"purl": "pkg:deb/ubuntu/syncthing@0.14.43+ds1-6?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.14.36+ds1-1",
"0.14.38+ds1-1",
"0.14.43+ds1-5",
"0.14.43+ds1-6"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "4.9.5+dfsg1-1"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "4.9.5+dfsg1-1"
},
{
"binary_name": "wordpress-theme-twentyfifteen",
"binary_version": "4.9.5+dfsg1-1"
},
{
"binary_name": "wordpress-theme-twentyseventeen",
"binary_version": "4.9.5+dfsg1-1"
},
{
"binary_name": "wordpress-theme-twentysixteen",
"binary_version": "4.9.5+dfsg1-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@4.9.5+dfsg1-1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.8.2+dfsg-2",
"4.8.3+dfsg-1",
"4.9.1+dfsg-1",
"4.9.2+dfsg-1",
"4.9.4+dfsg-1",
"4.9.5+dfsg1-1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libjs-moment",
"binary_version": "2.24.0+ds-2ubuntu0.1"
},
{
"binary_name": "node-moment",
"binary_version": "2.24.0+ds-2ubuntu0.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "node-moment",
"purl": "pkg:deb/ubuntu/node-moment@2.24.0+ds-2ubuntu0.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.24.0+ds-2ubuntu0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.24.0+ds-1",
"2.24.0+ds-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:3.8b-1ubuntu1"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:3.8b-1ubuntu1"
},
{
"binary_name": "python3-gnucash",
"binary_version": "1:3.8b-1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:3.8b-1ubuntu1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:3.7-1ubuntu1",
"1:3.7-1ubuntu2",
"1:3.7-2ubuntu1",
"1:3.8b-1",
"1:3.8b-1build2",
"1:3.8b-1build3",
"1:3.8b-1build4",
"1:3.8b-1ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "mediawiki",
"binary_version": "1:1.31.7-1ubuntu0.1~esm1"
},
{
"binary_name": "mediawiki-classes",
"binary_version": "1:1.31.7-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "mediawiki",
"purl": "pkg:deb/ubuntu/mediawiki@1:1.31.7-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:1.31.2-1ubuntu1",
"1:1.31.5-1",
"1:1.31.5-1ubuntu1",
"1:1.31.5-2",
"1:1.31.5-3",
"1:1.31.5-3ubuntu1",
"1:1.31.6-1",
"1:1.31.7-1",
"1:1.31.7-1ubuntu0.1~esm1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ntopng",
"binary_version": "3.8+dfsg1-2.1build3"
},
{
"binary_name": "ntopng-data",
"binary_version": "3.8+dfsg1-2.1build3"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "ntopng",
"purl": "pkg:deb/ubuntu/ntopng@3.8+dfsg1-2.1build3?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.8+dfsg1-2.1build3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "omnidb-common",
"binary_version": "2.17.0+ds-1"
},
{
"binary_name": "omnidb-server",
"binary_version": "2.17.0+ds-1"
},
{
"binary_name": "postgresql-12-omnidb",
"binary_version": "2.17.0+ds-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "omnidb",
"purl": "pkg:deb/ubuntu/omnidb@2.17.0+ds-1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.16.0+ds-2",
"2.16.0+ds-2build1",
"2.16.0+ds-3",
"2.16.0+ds-4",
"2.16.0+ds-4build1",
"2.17.0+ds-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ruby-momentjs-rails",
"binary_version": "2.20.1-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "ruby-momentjs-rails",
"purl": "pkg:deb/ubuntu/ruby-momentjs-rails@2.20.1-2?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.20.1-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "3.0.0~0git20200408+dfsg-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@3.0.0~0git20200408+dfsg-1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.3.6+dfsg-1",
"2.3.6+dfsg-1build1",
"2.3.6+dfsg-1ubuntu1",
"3.0.0~0git20200408+dfsg-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "golang-github-syncthing-syncthing-dev",
"binary_version": "1.1.4~ds1-4ubuntu1.2"
},
{
"binary_name": "syncthing",
"binary_version": "1.1.4~ds1-4ubuntu1.2"
},
{
"binary_name": "syncthing-discosrv",
"binary_version": "1.1.4~ds1-4ubuntu1.2"
},
{
"binary_name": "syncthing-relaysrv",
"binary_version": "1.1.4~ds1-4ubuntu1.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "syncthing",
"purl": "pkg:deb/ubuntu/syncthing@1.1.4~ds1-4ubuntu1.2?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.1.4~ds1-4",
"1.1.4~ds1-4ubuntu1",
"1.1.4~ds1-4ubuntu1.1",
"1.1.4~ds1-4ubuntu1.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "5.3.2+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "5.3.2+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentynineteen",
"binary_version": "5.3.2+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentyseventeen",
"binary_version": "5.3.2+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentysixteen",
"binary_version": "5.3.2+dfsg1-1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@5.3.2+dfsg1-1ubuntu1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.2.2+dfsg1-1",
"5.2.4+dfsg1-1",
"5.3.2+dfsg1-1",
"5.3.2+dfsg1-1ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:4.8-1build2"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:4.8-1build2"
},
{
"binary_name": "python3-gnucash",
"binary_version": "1:4.8-1build2"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:4.8-1build2?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.4-1ubuntu1",
"1:4.8-1build2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libjs-moment",
"binary_version": "2.29.1+ds-3ubuntu0.2"
},
{
"binary_name": "node-moment",
"binary_version": "2.29.1+ds-3ubuntu0.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "node-moment",
"purl": "pkg:deb/ubuntu/node-moment@2.29.1+ds-3ubuntu0.2?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.29.1+ds-3ubuntu0.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.29.1+ds-2",
"2.29.1+ds-3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ntopng",
"binary_version": "5.2.1+dfsg1-1"
},
{
"binary_name": "ntopng-data",
"binary_version": "5.2.1+dfsg1-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "ntopng",
"purl": "pkg:deb/ubuntu/ntopng@5.2.1+dfsg1-1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.2.1+dfsg1-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "odoo-14",
"binary_version": "14.0.0+dfsg.3-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "odoo",
"purl": "pkg:deb/ubuntu/odoo@14.0.0+dfsg.3-1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"14.0.0+dfsg.2-7",
"14.0.0+dfsg.3-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "omnidb-common",
"binary_version": "3.0.3b+ds-3"
},
{
"binary_name": "omnidb-server",
"binary_version": "3.0.3b+ds-3"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "omnidb",
"purl": "pkg:deb/ubuntu/omnidb@3.0.3b+ds-3?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.3b+ds-2",
"3.0.3b+ds-2build1",
"3.0.3b+ds-3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ruby-momentjs-rails",
"binary_version": "2.20.1-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "ruby-momentjs-rails",
"purl": "pkg:deb/ubuntu/ruby-momentjs-rails@2.20.1-2?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.20.1-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "3.5.1+dfsg-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@3.5.1+dfsg-1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.2.1+dfsg-1",
"3.4.2+dfsg-1",
"3.4.2+dfsg-2",
"3.5.0+dfsg-1",
"3.5.0+dfsg-2",
"3.5.1+dfsg-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "5.8.3+dfsg1-1ubuntu1.1"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "5.8.3+dfsg1-1ubuntu1.1"
},
{
"binary_name": "wordpress-theme-twentynineteen",
"binary_version": "5.8.3+dfsg1-1ubuntu1.1"
},
{
"binary_name": "wordpress-theme-twentytwenty",
"binary_version": "5.8.3+dfsg1-1ubuntu1.1"
},
{
"binary_name": "wordpress-theme-twentytwentyone",
"binary_version": "5.8.3+dfsg1-1ubuntu1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@5.8.3+dfsg1-1ubuntu1.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.7.1+dfsg1-2ubuntu1",
"5.8.1+dfsg1-2ubuntu1",
"5.8.2+dfsg1-1ubuntu1",
"5.8.3+dfsg1-1ubuntu1",
"5.8.3+dfsg1-1ubuntu1.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "mediawiki",
"binary_version": "1:1.35.6-1ubuntu0.1~esm1"
},
{
"binary_name": "mediawiki-classes",
"binary_version": "1:1.35.6-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "mediawiki",
"purl": "pkg:deb/ubuntu/mediawiki@1:1.35.6-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:1.35.3-1",
"1:1.35.4-1",
"1:1.35.5-1",
"1:1.35.5-1ubuntu1",
"1:1.35.5-1ubuntu2",
"1:1.35.5-1ubuntu3",
"1:1.35.6-1",
"1:1.35.6-1ubuntu0.1~esm1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.10-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.10-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.10-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.7-1",
"3.3.10-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "golang-github-syncthing-syncthing-dev",
"binary_version": "1.18.0~ds1-3ubuntu0.3+esm2"
},
{
"binary_name": "syncthing",
"binary_version": "1.18.0~ds1-3ubuntu0.3+esm2"
},
{
"binary_name": "syncthing-discosrv",
"binary_version": "1.18.0~ds1-3ubuntu0.3+esm2"
},
{
"binary_name": "syncthing-relaysrv",
"binary_version": "1.18.0~ds1-3ubuntu0.3+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "syncthing",
"purl": "pkg:deb/ubuntu/syncthing@1.18.0~ds1-3ubuntu0.3+esm2?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.12.1~ds1-4",
"1.18.0~ds1-3",
"1.18.0~ds1-3ubuntu0.1",
"1.18.0~ds1-3ubuntu0.2",
"1.18.0~ds1-3ubuntu0.3",
"1.18.0~ds1-3ubuntu0.3+esm1",
"1.18.0~ds1-3ubuntu0.3+esm2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:5.5-1.2build1"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:5.5-1.2build1"
},
{
"binary_name": "python3-gnucash",
"binary_version": "1:5.5-1.2build1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:5.5-1.2build1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:5.3-1",
"1:5.4-2",
"1:5.4-2build1",
"1:5.5-1",
"1:5.5-1ubuntu1",
"1:5.5-1.1",
"1:5.5-1.2",
"1:5.5-1.2build1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ntopng",
"binary_version": "5.2.1+dfsg1-1ubuntu4"
},
{
"binary_name": "ntopng-data",
"binary_version": "5.2.1+dfsg1-1ubuntu4"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "ntopng",
"purl": "pkg:deb/ubuntu/ntopng@5.2.1+dfsg1-1ubuntu4?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.2.1+dfsg1-1",
"5.2.1+dfsg1-1ubuntu1",
"5.2.1+dfsg1-1ubuntu3",
"5.2.1+dfsg1-1ubuntu4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "odoo-16",
"binary_version": "16.0.0+dfsg.2-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "odoo",
"purl": "pkg:deb/ubuntu/odoo@16.0.0+dfsg.2-2?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.0+dfsg.1-3",
"16.0.0+dfsg.2-1.1",
"16.0.0+dfsg.2-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "omnidb-common",
"binary_version": "3.0.3b+ds-4"
},
{
"binary_name": "omnidb-server",
"binary_version": "3.0.3b+ds-4"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "omnidb",
"purl": "pkg:deb/ubuntu/omnidb@3.0.3b+ds-4?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.3b+ds-4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ruby-momentjs-rails",
"binary_version": "2.20.1-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "ruby-momentjs-rails",
"purl": "pkg:deb/ubuntu/ruby-momentjs-rails@2.20.1-2?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.20.1-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "4.2.2+dfsg-3"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@4.2.2+dfsg-3?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.0.2+dfsg-1",
"4.1.0+dfsg-1",
"4.2.2+dfsg-2",
"4.2.2+dfsg-3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "6.4.3+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "6.4.3+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentytwentyfour",
"binary_version": "6.4.3+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentytwentythree",
"binary_version": "6.4.3+dfsg1-1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentytwentytwo",
"binary_version": "6.4.3+dfsg1-1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@6.4.3+dfsg1-1ubuntu1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2+dfsg1-1ubuntu1",
"6.4.3+dfsg1-1ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "mediawiki",
"binary_version": "1:1.39.7-1ubuntu0.1~esm1"
},
{
"binary_name": "mediawiki-classes",
"binary_version": "1:1.39.7-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:24.04:LTS",
"name": "mediawiki",
"purl": "pkg:deb/ubuntu/mediawiki@1:1.39.7-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:1.39.4-2",
"1:1.39.5-1",
"1:1.39.6-1",
"1:1.39.7-1",
"1:1.39.7-1ubuntu0.1~esm1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.13-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:24.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.13-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.13-1",
"3.3.13-1ubuntu0.1~esm1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "golang-github-syncthing-syncthing-dev",
"binary_version": "1.27.2~ds4-1ubuntu0.24.04.3+esm2"
},
{
"binary_name": "syncthing",
"binary_version": "1.27.2~ds4-1ubuntu0.24.04.3+esm2"
},
{
"binary_name": "syncthing-discosrv",
"binary_version": "1.27.2~ds4-1ubuntu0.24.04.3+esm2"
},
{
"binary_name": "syncthing-relaysrv",
"binary_version": "1.27.2~ds4-1ubuntu0.24.04.3+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:24.04:LTS",
"name": "syncthing",
"purl": "pkg:deb/ubuntu/syncthing@1.27.2~ds4-1ubuntu0.24.04.3+esm2?arch=source\u0026distro=esm-apps/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.19.2~ds1-3",
"1.27.2~ds4-1",
"1.27.2~ds4-1ubuntu0.24.04.1",
"1.27.2~ds4-1ubuntu0.24.04.2",
"1.27.2~ds4-1ubuntu0.24.04.2+esm1",
"1.27.2~ds4-1ubuntu0.24.04.3",
"1.27.2~ds4-1ubuntu0.24.04.3+esm1",
"1.27.2~ds4-1ubuntu0.24.04.3+esm2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:5.13-1"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:5.13-1"
},
{
"binary_name": "python3-gnucash",
"binary_version": "1:5.13-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:5.13-1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:5.10-0.1",
"1:5.10-0.1build1",
"1:5.13-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "mediawiki",
"binary_version": "1:1.43.3+dfsg-1"
},
{
"binary_name": "mediawiki-classes",
"binary_version": "1:1.43.3+dfsg-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "mediawiki",
"purl": "pkg:deb/ubuntu/mediawiki@1:1.43.3+dfsg-1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:1.43.1+dfsg-1",
"1:1.43.1+dfsg-2",
"1:1.43.3+dfsg-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "ntopng",
"binary_version": "5.2.1+dfsg1-2ubuntu1"
},
{
"binary_name": "ntopng-data",
"binary_version": "5.2.1+dfsg1-2ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "ntopng",
"purl": "pkg:deb/ubuntu/ntopng@5.2.1+dfsg1-2ubuntu1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.2.1+dfsg1-2ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "odoo-18",
"binary_version": "18.0.0+dfsg-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "odoo",
"purl": "pkg:deb/ubuntu/odoo@18.0.0+dfsg-2?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18.0.0+dfsg-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "omnidb-common",
"binary_version": "3.0.3b+ds-6build1"
},
{
"binary_name": "omnidb-server",
"binary_version": "3.0.3b+ds-6build1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "omnidb",
"purl": "pkg:deb/ubuntu/omnidb@3.0.3b+ds-6build1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.3b+ds-6build1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.15+ds-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.15+ds-2?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.15+ds-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "4.5.0+dfsg-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@4.5.0+dfsg-1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.1+dfsg-2",
"4.5.0+dfsg-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "golang-github-syncthing-syncthing-dev",
"binary_version": "1.29.5~ds1-2"
},
{
"binary_name": "syncthing",
"binary_version": "1.29.5~ds1-2"
},
{
"binary_name": "syncthing-discosrv",
"binary_version": "1.29.5~ds1-2"
},
{
"binary_name": "syncthing-relaysrv",
"binary_version": "1.29.5~ds1-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "syncthing",
"purl": "pkg:deb/ubuntu/syncthing@1.29.5~ds1-2?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.29.2~ds1-1",
"1.29.5~ds1-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "6.7.2+dfsg1-1.1ubuntu1"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "6.7.2+dfsg1-1.1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentytwentyfive",
"binary_version": "6.7.2+dfsg1-1.1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentytwentyfour",
"binary_version": "6.7.2+dfsg1-1.1ubuntu1"
},
{
"binary_name": "wordpress-theme-twentytwentythree",
"binary_version": "6.7.2+dfsg1-1.1ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@6.7.2+dfsg1-1.1ubuntu1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.7.2+dfsg1-1.1ubuntu1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "gnucash",
"binary_version": "1:5.14-1build1"
},
{
"binary_name": "gnucash-common",
"binary_version": "1:5.14-1build1"
},
{
"binary_name": "python3-gnucash",
"binary_version": "1:5.14-1build1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "gnucash",
"purl": "pkg:deb/ubuntu/gnucash@1:5.14-1build1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:5.13-1",
"1:5.13-1build1",
"1:5.14-1build1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "mediawiki",
"binary_version": "1:1.43.8+dfsg-2"
},
{
"binary_name": "mediawiki-classes",
"binary_version": "1:1.43.8+dfsg-2"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "mediawiki",
"purl": "pkg:deb/ubuntu/mediawiki@1:1.43.8+dfsg-2?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:1.43.3+dfsg-1",
"1:1.43.5+dfsg-1",
"1:1.43.6+dfsg-2",
"1:1.43.8+dfsg-1",
"1:1.43.8+dfsg-2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "odoo-18",
"binary_version": "18.0.0+dfsg-2build1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "odoo",
"purl": "pkg:deb/ubuntu/odoo@18.0.0+dfsg-2build1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18.0.0+dfsg-2",
"18.0.0+dfsg-2build1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "4.0.1+ds-1"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@4.0.1+ds-1?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.15+ds-2",
"4.0.1+ds-1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "sabnzbdplus",
"binary_version": "4.5.4+dfsg-4"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "sabnzbdplus",
"purl": "pkg:deb/ubuntu/sabnzbdplus@4.5.4+dfsg-4?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.5.0+dfsg-1",
"4.5.4+dfsg-4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "wordpress",
"binary_version": "6.7.2+dfsg1-1.1ubuntu2"
},
{
"binary_name": "wordpress-l10n",
"binary_version": "6.7.2+dfsg1-1.1ubuntu2"
},
{
"binary_name": "wordpress-theme-twentytwentyfive",
"binary_version": "6.7.2+dfsg1-1.1ubuntu2"
},
{
"binary_name": "wordpress-theme-twentytwentyfour",
"binary_version": "6.7.2+dfsg1-1.1ubuntu2"
},
{
"binary_name": "wordpress-theme-twentytwentythree",
"binary_version": "6.7.2+dfsg1-1.1ubuntu2"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "wordpress",
"purl": "pkg:deb/ubuntu/wordpress@6.7.2+dfsg1-1.1ubuntu2?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.7.2+dfsg1-1.1ubuntu1",
"6.7.2+dfsg1-1.1ubuntu2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "golang-github-syncthing-syncthing-dev",
"binary_version": "1.29.5~ds1-3ubuntu0.26.04.1~esm1"
},
{
"binary_name": "syncthing",
"binary_version": "1.29.5~ds1-3ubuntu0.26.04.1~esm1"
},
{
"binary_name": "syncthing-discosrv",
"binary_version": "1.29.5~ds1-3ubuntu0.26.04.1~esm1"
},
{
"binary_name": "syncthing-relaysrv",
"binary_version": "1.29.5~ds1-3ubuntu0.26.04.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:26.04:LTS",
"name": "syncthing",
"purl": "pkg:deb/ubuntu/syncthing@1.29.5~ds1-3ubuntu0.26.04.1~esm1?arch=source\u0026distro=esm-apps/resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1.29.5~ds1-2",
"1.29.5~ds1-3",
"1.29.5~ds1-3ubuntu0.26.04.1~esm1"
]
}
],
"aliases": [],
"details": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.",
"id": "UBUNTU-CVE-2022-31129",
"modified": "2026-07-02T15:52:18Z",
"published": "2022-07-06T18:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-31129"
},
{
"type": "REPORT",
"url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973"
},
{
"type": "REPORT",
"url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5559-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6550-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
}
],
"related": [
"USN-5559-1",
"USN-6550-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2022-31129"
]
}
ubuntu-cve-2023-28447
Vulnerability from osv_ubuntu
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "civicrm-common",
"binary_version": "4.7.1+dfsg-2ubuntu1+esm1"
},
{
"binary_name": "civicrm-l10n",
"binary_version": "4.7.1+dfsg-2ubuntu1+esm1"
},
{
"binary_name": "drupal7-mod-civicrm",
"binary_version": "4.7.1+dfsg-2ubuntu1+esm1"
},
{
"binary_name": "wordpress-civicrm",
"binary_version": "4.7.1+dfsg-2ubuntu1+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "civicrm",
"purl": "pkg:deb/ubuntu/civicrm@4.7.1+dfsg-2ubuntu1+esm1?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.7.1+dfsg-2ubuntu1+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.7.1+dfsg-1",
"4.7.1+dfsg-2",
"4.7.1+dfsg-2ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.21-1ubuntu1+esm2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.21-1ubuntu1+esm2?arch=source\u0026distro=esm-apps/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.21-1ubuntu1+esm2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.21-1",
"3.1.21-1ubuntu1",
"3.1.21-1ubuntu1+esm1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "civicrm-common",
"binary_version": "4.7.30+dfsg-1ubuntu1+esm1"
},
{
"binary_name": "civicrm-l10n",
"binary_version": "4.7.30+dfsg-1ubuntu1+esm1"
},
{
"binary_name": "wordpress-civicrm",
"binary_version": "4.7.30+dfsg-1ubuntu1+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "civicrm",
"purl": "pkg:deb/ubuntu/civicrm@4.7.30+dfsg-1ubuntu1+esm1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.7.30+dfsg-1ubuntu1+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.7.23+dfsg-1ubuntu1",
"4.7.24+dfsg-1ubuntu1",
"4.7.30+dfsg-1ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.0.2-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.0.2-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.2-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.0.2-2"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.31+20161214.1.c7d42e4+selfpack1-2",
"3.1.31+20161214.1.c7d42e4+selfpack1-3",
"3.1.31+20161214.1.c7d42e4+selfpack1-3ubuntu0.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.34+20190228.1.c9f0de05+selfpack1-1ubuntu0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.33+20180830.1.3a78a21f+selfpack1-1",
"3.1.34+20190228.1.c9f0de05+selfpack1-1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "civicrm-common",
"binary_version": "5.21.2+dfsg-1ubuntu0.1~esm1"
},
{
"binary_name": "civicrm-l10n",
"binary_version": "5.21.2+dfsg-1ubuntu0.1~esm1"
},
{
"binary_name": "wordpress-civicrm",
"binary_version": "5.21.2+dfsg-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "civicrm",
"purl": "pkg:deb/ubuntu/civicrm@5.21.2+dfsg-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.21.2+dfsg-1ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0+dfsg-1",
"5.18.1+dfsg-1",
"5.20.3+dfsg-1",
"5.21.0+dfsg-1",
"5.21.1+dfsg-1",
"5.21.2+dfsg-1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.2.1-3ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.2.1-3ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.1-3ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.2.1-2",
"3.2.1-3"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.39-2ubuntu1.22.04.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.39-2ubuntu1.22.04.2?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.39-2ubuntu1.22.04.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.39-2",
"3.1.39-2ubuntu1",
"3.1.39-2ubuntu1.22.04.1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "civicrm-common",
"binary_version": "5.33.2+dfsg1-1ubuntu1+esm1"
},
{
"binary_name": "civicrm-l10n",
"binary_version": "5.33.2+dfsg1-1ubuntu1+esm1"
},
{
"binary_name": "wordpress-civicrm",
"binary_version": "5.33.2+dfsg1-1ubuntu1+esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "civicrm",
"purl": "pkg:deb/ubuntu/civicrm@5.33.2+dfsg1-1ubuntu1+esm1?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.33.2+dfsg1-1ubuntu1+esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.33.2+dfsg1-1",
"5.33.2+dfsg1-1build1",
"5.33.2+dfsg1-1ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.10-2ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:22.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.10-2ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.10-2ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.7-1",
"3.3.10-2"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "smarty3",
"binary_version": "3.1.48-1ubuntu0.24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "smarty3",
"purl": "pkg:deb/ubuntu/smarty3@3.1.48-1ubuntu0.24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.1.48-1ubuntu0.24.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.1.48-1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "postfixadmin",
"binary_version": "3.3.13-1ubuntu0.1~esm1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:24.04:LTS",
"name": "postfixadmin",
"purl": "pkg:deb/ubuntu/postfixadmin@3.3.13-1ubuntu0.1~esm1?arch=source\u0026distro=esm-apps/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.13-1ubuntu0.1~esm1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.3.13-1"
]
}
],
"aliases": [],
"details": "Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user\u0027s browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application\u0027s behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.",
"id": "UBUNTU-CVE-2023-28447",
"modified": "2026-05-20T15:02:33Z",
"published": "2023-03-28T21:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2023-28447"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj"
},
{
"type": "REPORT",
"url": "https://github.com/smarty-php/smarty/commit/685662466f653597428966d75a661073104d713d"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6550-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28447"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7158-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8242-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8242-2"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-8272-1"
}
],
"related": [
"USN-6550-1",
"USN-7158-1",
"USN-8242-1",
"USN-8242-2",
"USN-8272-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "high",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2023-28447"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.