CVE reports
The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed.
Canonical also produces Open Vulnerability and Assessment Language (OVAL) data, which is machine-readable, to enable auditing for CVEs and to determine whether a particular patch, via an Ubuntu Security Notice (USN), is appropriate for the local system.
See our guide to open source vulnerability management for best practices to improving your security posture with a comprehensive approach based on NIST’s cybersecurity framework.
Search
Recent CVEs affecting Ubuntu
ID | Priority | Package |
14.04 ESM
|
16.04 ESM
|
18.04 ESM
|
20.04 LTS
|
22.04 LTS
|
24.04 LTS
|
24.10
|
---|---|---|---|---|---|---|---|---|---|
CVE-2024-8645 |
low
|
wireshark |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-45845 |
medium
|
nix | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
— |
CVE-2024-45411 |
medium
|
php-twig | — | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
— |
twig | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
CVE-2024-45296 |
medium
|
node-path-to-regexp | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-24510 |
medium
|
sogo | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— |
CVE-2024-8517 |
medium
|
spip | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-8443 |
medium
|
opensc | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-8373 |
medium
|
angular.js | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-8372 |
medium
|
angular.js | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-7652 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
— |
mozjs102 | — | — | — |
Does not exist
|
Ignored
|
Ignored
|
— | ||
mozjs115 | — | — | — |
Does not exist
|
Does not exist
|
Ignored
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Ignored
|
Ignored
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Ignored
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Ignored
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Ignored
|
Does not exist
|
— | ||
thunderbird | — | — | — |
Needed
|
Needed
|
Not vulnerable
|
— | ||
CVE-2024-45160 |
medium
|
lemonldap-ng | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-42934 |
medium
|
openipmi |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-34158 |
medium
|
golang | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
— |
golang-1.10 |
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.13 | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.14 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
golang-1.16 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
golang-1.17 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
— | ||
golang-1.18 | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.19 | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.20 | — | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.21 | — | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
golang-1.22 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
— | ||
golang-1.6 | — |
Needs triage
|
— |
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.8 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.9 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
CVE-2024-34156 |
medium
|
golang | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
— |
golang-1.10 |
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.13 | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.14 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
golang-1.16 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
golang-1.17 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
— | ||
golang-1.18 | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.19 | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.20 | — | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.21 | — | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
golang-1.22 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
— | ||
golang-1.6 | — |
Needs triage
|
— |
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.8 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.9 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
CVE-2024-34155 |
medium
|
golang | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
— |
golang-1.10 |
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.13 | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.14 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
golang-1.16 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
golang-1.17 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
— | ||
golang-1.18 | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.19 | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.20 | — | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
— | ||
golang-1.21 | — | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
golang-1.22 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
— | ||
golang-1.6 | — |
Needs triage
|
— |
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.8 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
golang-1.9 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
CVE-2024-23091 |
medium
|
hoteldruid | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-22412 |
medium
|
clickhouse | — | — | — |
Needs triage
|
Does not exist
|
Needs triage
|
— |
CVE-2024-22391 |
medium
|
gdcm |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-22373 |
medium
|
gdcm |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2023-51596 |
medium
|
bluez | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |