CVE reports
The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed.
Canonical also produces Open Vulnerability and Assessment Language (OVAL) data, which is machine-readable, to enable auditing for CVEs and to determine whether a particular patch, via an Ubuntu Security Notice (USN), is appropriate for the local system.
Search
Recent CVEs affecting Ubuntu
ID | Priority | Package |
14.04 ESM
|
16.04 ESM
|
18.04 ESM
|
20.04 LTS
|
22.04 LTS
|
23.10
|
24.04 LTS
|
24.10
|
---|---|---|---|---|---|---|---|---|---|---|
CVE-2024-4770 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4769 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4768 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4767 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4766 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4765 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4764 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
thunderbird | — | — | — |
Needed
|
Needed
|
Needed
|
Not vulnerable
|
— | ||
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
CVE-2024-4367 |
medium
|
firefox | — | — | — |
Needed
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
mozjs38 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs52 | — | — |
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs68 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
mozjs78 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs91 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
mozjs102 | — | — | — |
Does not exist
|
Needs triage
|
Needs triage
|
Needs triage
|
— | ||
thunderbird | — | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
Not vulnerable
|
— | ||
CVE-2024-4761 |
medium
|
chromium-browser | — | — | — |
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
CVE-2024-3374 |
medium
|
mongodb |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— |
CVE-2024-3372 |
medium
|
mongodb |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— |
CVE-2024-4855 |
medium
|
wireshark |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-4854 |
medium
|
wireshark |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-4853 |
medium
|
wireshark |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-4693 |
medium
|
qemu |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-4671 |
medium
|
chromium-browser | — | — | — |
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
Not vulnerable
|
— |
CVE-2024-4539 |
medium
|
gitlab | — |
Needs triage
|
— |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— |
CVE-2024-4317 |
medium
|
postgresql-16 | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
Needs triage
|
— |
postgresql-15 | — | — | — |
Does not exist
|
Does not exist
|
Needs triage
|
Does not exist
|
— | ||
postgresql-14 | — | — | — |
Does not exist
|
Needs triage
|
Does not exist
|
Does not exist
|
— | ||
postgresql-12 | — | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
postgresql-10 | — | — |
Needs triage
|
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
postgresql-9.5 | — |
Needs triage
|
— |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
postgresql-9.3 |
Deferred
|
— | — |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
postgresql-9.1 | — | — | — |
Does not exist
|
Does not exist
|
Does not exist
|
Does not exist
|
— | ||
CVE-2024-4068 |
medium
|
node-braces | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |
CVE-2024-4067 |
medium
|
node-micromatch | — | — |
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
Needs triage
|
— |