CARVIEW

MOTORHOMES

Select Language

HTTP/2 200 server: nginx/1.14.0 (Ubuntu) date: Thu, 25 Dec 2025 20:51:25 GMT content-type: text/html; charset=utf-8 content-length: 16636 content-security-policy: default-src 'self'; img-src data: blob: *; script-src-elem 'self' assets.ubuntu.com www.google-analytics.com www.googletagmanager.com dev.visualwebsiteoptimizer.com www.youtube.com asciinema.org player.vimeo.com script.crazyegg.com w.usabilla.com munchkin.marketo.net serve.nrich.ai ml314.com scout-cdn.salesloft.com snippet.maze.co www.googleadservices.com js.zi-scripts.com *.g.doubleclick.net www.google.com www.gstatic.com *.googlesyndication.com js.stripe.com d3js.org www.brighttalk.com cdnjs.cloudflare.com static.ads-twitter.com *.cdn.digitaloceanspaces.com www.redditstatic.com snap.licdn.com connect.facebook.net jspm.dev cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com www.tfaforms.com api.usabilla.com *.cloudfront.net cdn.jsdelivr.net *.g.doubleclick.net extend.vimeocdn.com tracking-api.g2.com 'unsafe-inline'; font-src 'self' assets.ubuntu.com cdn.livechatinc.com secure.livechatinc.com fonts.google.com; script-src 'self' blob: *.livechatinc.com *.youtube.com *.google.com *.livechat-static.com 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline'; connect-src 'self' *.googlesyndication.com www.google.com ubuntu.com analytics.google.com www.googletagmanager.com sentry.is.canonical.com www.google-analytics.com *.crazyegg.com scout.salesloft.com *.g.doubleclick.net js.zi-scripts.com *.mktoresp.com prompts.maze.co *.google-analytics.com pixel-config.reddit.com www.redditstatic.com conversions-config.reddit.com px.ads.linkedin.com ws.zoominfo.com youtube.com google.com fonts.google.com api.text.com raw.githubusercontent.com *.analytics.google.com *.g.doubleclick.net ad.doubleclick.net www.googleadservices.com www.facebook.com *.livechatinc.com *.text.com *.youtube.com *.google.com; frame-src 'self' *.doubleclick.net www.youtube.com/ asciinema.org player.vimeo.com js.stripe.com www.googletagmanager.com www.google.com www.brighttalk.com cdn.livechatinc.com secure.livechatinc.com cdn.livechat-static.com *.cloudfront.net app3.trueability.com app.trueability.com pay.stripe.com; style-src *.cloudfront.net cdn.jsdelivr.net 'self' *.livechatinc.com *.youtube.com *.google.com 'unsafe-inline'; media-src 'self' res.cloudinary.com cdn.livechatinc.com secure.livechatinc.com cdn.livechat-static.com images.zenhubusercontent.com assets.ubuntu.com *.livechatinc.com *.youtube.com *.google.com *.livechat-static.com ubuntu.com; child-src api.livechatinc.com cdn.livechatinc.com secure.livechatinc.com youtube.com google.com fonts.google.com 'self' *.livechatinc.com *.youtube.com *.google.com blob:; object-src 'self' *.livechatinc.com *.youtube.com *.google.com; frame-ancestors https://edge-billing.stripe.com https://edge-connect.stripe.com https://edge-dashboard-admin.stripe.com https://edge-dashboard.stripe.com https://edge-docs.stripe.com https://edge-marketplace.stripe.com https://edge-support.stripe.com https://billing.stripe.com https://connect.stripe.com https://dashboard-admin.stripe.com https://dashboard.stripe.com https://docs.stripe.com https://edge-support-conversations.stripe.com https://edge.stripe.com https://marketplace.stripe.com https://stripe.com https://support-admin.corp.stripe.com https://support-conversations.stripe.com https://support.stripe.com; referrer-policy: strict-origin-when-cross-origin cross-origin-embedder-policy: unsafe-none cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin x-permitted-cross-domain-policies: none vary: Accept-Encoding content-encoding: gzip x-view-name: webapp.security.views.cve_index x-clacks-overhead: GNU Terry Pratchett permissions-policy: interest-cohort=() cache-control: max-age=60, stale-while-revalidate=86400, stale-if-error=300 x-frame-options: SAMEORIGIN x-content-type-options: NOSNIFF x-vcs-revision: 1766156920-8850440 x-request-id: b86cfdd27bf346974403533d7eafe99b strict-transport-security: max-age=15724800 link: ; rel=preconnect; crossorigin, ; rel=preconnect, ; rel=preconnect x-cache-status: STALE from content-cache-il3/1 accept-ranges: bytes CVEs | Ubuntu

CVE reports

The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section

Search CVEs

By Ubuntu release

Recent CVEs

CVE-2025-43529

High priority

Needs evaluation

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing...

5 affected packages

webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit

CVE-2025-67896

High priority

Not affected

Exim before 4.99.1, with certain non-default rate-limit configurations, allows a remote heap-based buffer overflow because database records are cast directly to internal structures without validation.

1 affected package

exim4

CVE-2025-14174

High priority

Needs evaluation

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

6 affected packages

chromium-browser, webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit

CVE-2025-66570

High priority

Needs evaluation

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions....

1 affected package

cpp-httplib

CVE-2025-52881

High priority

Some fixes available 5 of 13

runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use...

3 affected packages

runc, runc-app, runc-stable

Resources

Join the discussion

Ubuntu Pro

10-year security coverage for Ubuntu and 23,000 open-source applications and toolchains.

Get Ubuntu Pro 30-day free trial

From our blog

Original Source | Taken Source