Output without subprojects: Trusty release loaded as "trusty" ubuntu/trusty Trusty release loaded as "ubuntu/trusty" ubuntu/trusty * ESM Apps None * ESM Infra esm/trusty * ESM Infra parent ubuntu/trusty Bionic release loaded as "bionic" ubuntu/bionic Bionic release loaded as "ubuntu/bionic" ubuntu/bionic * ESM Apps esm-apps/bionic * ESM Infra esm-infra/bionic * ESM Infra parent ubuntu/bionic * ESM Apps parent esm-infra/bionic Jammy release loaded as "jammy" ubuntu/jammy Jammy release loaded as "ubuntu/jammy" ubuntu/jammy * ESM Apps esm-apps/jammy * ESM Infra None * ESM Apps parent ubuntu/jammy All supported releases [esm-apps/jammy, fips-updates/focal, esm/trusty, esm-apps/focal, ros-esm/melodic, fips/xenial, esm-apps/bionic, fips/bionic, ubuntu/jammy, esm-apps/xenial, esm-infra/xenial, ubuntu/mantic, esm-infra/bionic, fips-updates/bionic, fips-updates/xenial, ubuntu/noble, ros-esm/kinetic, fips/focal, esm-apps/noble, snap, ubuntu/focal] ESM Apps releases [esm-apps/jammy, esm-apps/noble, esm-apps/focal, esm-apps/bionic, esm-apps/xenial] ESM Infra releases [esm-infra/bionic, esm/trusty, esm-infra/xenial] Ubuntu product releases [ubuntu/warty, ubuntu/hoary, ubuntu/breezy, ubuntu/dapper, ubuntu/edgy, ubuntu/feisty, ubuntu/gutsy, ubuntu/hardy, ubuntu/intrepid, ubuntu/jaunty, ubuntu/karmic, ubuntu/lucid, ubuntu/maverick, ubuntu/natty, ubuntu/oneiric, ubuntu/precise, ubuntu/quantal, ubuntu/raring, ubuntu/saucy, ubuntu/trusty, ubuntu/utopic, ubuntu/vivid, ubuntu/wily, ubuntu/xenial, ubuntu/yakkety, ubuntu/zesty, ubuntu/artful, ubuntu/bionic, ubuntu/cosmic, ubuntu/disco, ubuntu/eoan, ubuntu/focal, ubuntu/groovy, ubuntu/hirsute, ubuntu/impish, ubuntu/jammy, ubuntu/kinetic, ubuntu/lunar, ubuntu/mantic, ubuntu/noble, ubuntu/oracular] Ubuntu product releases -- supported only [ubuntu/jammy, ubuntu/mantic, ubuntu/noble, ubuntu/focal] Devel release: ubuntu/oracular Loading 50236 CVEs Loading 21 releases Couldn't find package cache for release ros-esm/melodic with filename ros-esm_melodic Couldn't find package cache for release ros-esm/kinetic with filename ros-esm_kinetic Couldn't find package cache for release snap with filename snap Loading 5171 USNs Total loading time: 27.690572500228882 ------------------ Showing CVE-2023-1625 ------------------ CVE-2023-1625 Description: An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show' command to reveal parameters which are supposed to remain hidden. This has a low impact to the confidentiality, integrity, and availability of the system. References: ['https://ubuntu.com/security/notices/USN-6066-1', 'https://ubuntu.com/security/notices/USN-6293-1', 'https://www.cve.org/CVERecord?id=CVE-2023-1625'] Notes: [['mdeslaur', 'fixed in jammy-updates and kinetic-updates as a SRU, but not\nyet in the -security pocket.']] - CVE-2023-1625 heat ubuntu/focal released 1:14.2.0-0ubuntu1.1 - CVE-2023-1625 heat ubuntu/jammy released 1:18.0.1-0ubuntu1.1 - CVE-2023-1625 heat ubuntu/mantic not-affected 1:20.0.0-0ubuntu1 - CVE-2023-1625 heat ubuntu/noble not-affected 1:20.0.0-0ubuntu1 ------------------ Loading jammy into the storage ------------------ Showing CVE entries now - CVE-2024-3651 python-idna esm-infra/xenial released 2.0-3ubuntu0.1~esm1 - CVE-2024-3651 python-idna esm-infra/bionic released 2.6-1ubuntu0.1~esm1 - CVE-2024-3651 python-idna ubuntu/focal released 2.8-1ubuntu0.1 - CVE-2024-3651 python-idna ubuntu/jammy released 3.3-1ubuntu0.1 - CVE-2024-3651 python-idna ubuntu/mantic released 3.3-2ubuntu0.1 - CVE-2024-3651 python-idna ubuntu/noble released 3.6-2ubuntu0.1 - CVE-2024-3651 python-pip esm/trusty needs-triage - CVE-2024-3651 python-pip esm-apps/xenial needs-triage - CVE-2024-3651 python-pip esm-apps/bionic needs-triage - CVE-2024-3651 python-pip ubuntu/focal needs-triage - CVE-2024-3651 python-pip esm-apps/focal needs-triage - CVE-2024-3651 python-pip ubuntu/jammy needs-triage - CVE-2024-3651 python-pip esm-apps/jammy needs-triage - CVE-2024-3651 python-pip ubuntu/mantic needs-triage - CVE-2024-3651 python-pip ubuntu/noble needs-triage - CVE-2024-3651 python-pip esm-apps/noble needs-triage ------------------ Showing python-idna package ------------------ python-idna ubuntu/jammy Release main 3.2-2 - python3-idna 3.2-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/mantic Release main 3.3-1 - python3-idna 3.3-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna esm-infra/xenial security main 2.0-3ubuntu0.1~esm1 - pypy-idna 2.0-3ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python-idna 2.0-3ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.0-3ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna ubuntu/focal Release main 2.8-1 - python-idna 2.8-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] - python3-idna 2.8-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/focal Release main 2.6-2 - python-idna 2.6-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.6-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna esm-infra/bionic security main 2.6-1ubuntu0.1~esm1 - pypy-idna 2.6-1ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python-idna 2.6-1ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.6-1ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna ubuntu/focal Release main 2.6-2build1 - python-idna 2.6-2build1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.6-2build1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna ubuntu/jammy Updates None 3.3-1ubuntu0.1 - python3-idna 3.3-1ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/jammy Release main 2.10-1 - python3-idna 2.10-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/noble Release None 3.3-2 - python3-idna 3.3-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/noble Updates None 3.6-2ubuntu0.1 - python3-idna 3.6-2ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/noble Release None 3.6-2 - python3-idna 3.6-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/focal Updates None 2.8-1ubuntu0.1 - python-idna 2.8-1ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] - python3-idna 2.8-1ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/mantic Updates None 3.3-2ubuntu0.1 - python3-idna 3.3-2ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] ------------------ Showing USNs for this CVE ------------------ USN 6780-1 Guido Vranken discovered that idna did not properly manage certain inputs, which could lead to significant resource consumption. An attacker could possibly use this issue to cause a denial of service. CVE-2024-3651 Affected releases: noble,jammy,xenial,focal,bionic,mantic python-idna - Fixed at 3.6-2ubuntu0.1 in ubuntu/noble - Fixed at 3.3-1ubuntu0.1 in ubuntu/jammy - Fixed at 2.8-1ubuntu0.1 in ubuntu/focal - Fixed at 3.3-2ubuntu0.1 in ubuntu/mantic ------------------ Unloading jammy from the storage ------------------ Showing python-idna package ------------------ python-idna ubuntu/mantic 3.3-1 - python3-idna 3.3-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna esm-infra/xenial 2.0-3ubuntu0.1~esm1 - pypy-idna 2.0-3ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python-idna 2.0-3ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.0-3ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna ubuntu/focal 2.8-1 - python-idna 2.8-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] - python3-idna 2.8-1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/focal 2.6-2 - python-idna 2.6-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.6-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna esm-infra/bionic 2.6-1ubuntu0.1~esm1 - pypy-idna 2.6-1ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python-idna 2.6-1ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.6-1ubuntu0.1~esm1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna ubuntu/focal 2.6-2build1 - python-idna 2.6-2build1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] - python3-idna 2.6-2build1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 's390x'] python-idna ubuntu/noble 3.3-2 - python3-idna 3.3-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/noble 3.6-2ubuntu0.1 - python3-idna 3.6-2ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/noble 3.6-2 - python3-idna 3.6-2 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/focal 2.8-1ubuntu0.1 - python-idna 2.8-1ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] - python3-idna 2.8-1ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] python-idna ubuntu/mantic 3.3-2ubuntu0.1 - python3-idna 3.3-2ubuntu0.1 ['amd64', 'arm64', 'armhf', 'i386', 'ppc64el', 'riscv64', 's390x'] ------------------ Showing CVE-2024-3651 ------------------ - CVE-2024-3651 python-idna esm-infra/xenial released 2.0-3ubuntu0.1~esm1 - CVE-2024-3651 python-idna esm-infra/bionic released 2.6-1ubuntu0.1~esm1 - CVE-2024-3651 python-idna ubuntu/focal released 2.8-1ubuntu0.1 - CVE-2024-3651 python-idna ubuntu/mantic released 3.3-2ubuntu0.1 - CVE-2024-3651 python-idna ubuntu/noble released 3.6-2ubuntu0.1 - CVE-2024-3651 python-pip esm/trusty needs-triage - CVE-2024-3651 python-pip esm-apps/xenial needs-triage - CVE-2024-3651 python-pip esm-apps/bionic needs-triage - CVE-2024-3651 python-pip ubuntu/focal needs-triage - CVE-2024-3651 python-pip esm-apps/focal needs-triage - CVE-2024-3651 python-pip ubuntu/mantic needs-triage - CVE-2024-3651 python-pip ubuntu/noble needs-triage - CVE-2024-3651 python-pip esm-apps/noble needs-triage ------------------ Showing USNs for this CVE ------------------ USN 6780-1 Guido Vranken discovered that idna did not properly manage certain inputs, which could lead to significant resource consumption. An attacker could possibly use this issue to cause a denial of service. CVE-2024-3651 Affected releases: noble,jammy,xenial,focal,bionic,mantic python-idna - Fixed at 3.6-2ubuntu0.1 in ubuntu/noble - Fixed at 2.8-1ubuntu0.1 in ubuntu/focal - Fixed at 3.3-2ubuntu0.1 in ubuntu/mantic