UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
CVE CVE-2026-48913 Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-44631 Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: fr apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-44186 Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the mod_proxy_ftp module in Apache HTTP Server with an attacker controlled ba apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-44185 Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-44119 Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-43951 Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-42536 Heap-based Buffer Overflow vulnerability in Apache HTTP Server with mod_xml2enc, xml2StartParse, and untrusted content This issue affects Apache HTT apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-42535 A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-34356 Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie* This issue affects Apache apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-34355 A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgra apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-29170 A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing F apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-29167 Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 th apache2 apache2 apache2 apache2 apache2 apache2
CVE CVE-2026-20244 A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e clamav clamav clamav clamav clamav clamav
CVE CVE-2026-20243 A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e clamav clamav clamav clamav clamav clamav
CVE CVE-2026-20217 A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly othe clamav clamav clamav clamav clamav clamav
CVE CVE-2026-20216 A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affe clamav clamav clamav clamav clamav clamav
CVE CVE-2026-20215 A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other ex clamav clamav clamav clamav clamav clamav
CVE CVE-2026-20214 A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other e clamav clamav clamav clamav clamav clamav
CVE CVE-2026-20213 A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other ex clamav clamav clamav clamav clamav clamav
CVE CVE-2024-54661 readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. socat socat



About   -   Send Feedback to @ubuntu_updates