USN-7465-1
- Source
- https://ubuntu.com/security/notices/USN-7465-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7465-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-7465-1
- Related
- Published
- 2025-04-28T12:07:52.963214Z
- Modified
- 2025-04-28T12:07:52.963214Z
- Summary
- mistral, python-mistral-lib vulnerabilities
- Details
-
It was discovered that Mistral incorrectly handled nested anchors in YAML files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16848)
Pierre Gaxatte discovered that Mistral incorrectly handled erroneous SSH private key filename commands. An attacker could possibly use this issue to expose sensitive information. (CVE-2018-16849)
It was discovered that Mistral incorrectly handled the permissions of sensitive log files. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3866)
- References
Affected packages
Ubuntu:Pro:16.04:LTS / mistral
Package
- Name
- mistral
- Purl
- pkg:deb/ubuntu/mistral@2.0.0-1ubuntu2+esm1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.0.0-1ubuntu2+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "2.0.0-1ubuntu2+esm1",
"binary_name": "mistral-api"
},
{
"binary_version": "2.0.0-1ubuntu2+esm1",
"binary_name": "mistral-common"
},
{
"binary_version": "2.0.0-1ubuntu2+esm1",
"binary_name": "mistral-engine"
},
{
"binary_version": "2.0.0-1ubuntu2+esm1",
"binary_name": "mistral-executor"
},
{
"binary_version": "2.0.0-1ubuntu2+esm1",
"binary_name": "python-mistral"
}
]
}
Ubuntu:Pro:18.04:LTS / mistral
Package
- Name
- mistral
- Purl
- pkg:deb/ubuntu/mistral@6.0.0-0ubuntu1.1+esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.0.0-0ubuntu1.1+esm1
Affected versions
5.*
5.0.0-0ubuntu1
6.*
6.0.0~b1-0ubuntu1
6.0.0~b1-0ubuntu2
6.0.0~b2-0ubuntu1
6.0.0~rc1-0ubuntu1
6.0.0-0ubuntu1
6.0.0-0ubuntu1.1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "6.0.0-0ubuntu1.1+esm1",
"binary_name": "mistral-api"
},
{
"binary_version": "6.0.0-0ubuntu1.1+esm1",
"binary_name": "mistral-common"
},
{
"binary_version": "6.0.0-0ubuntu1.1+esm1",
"binary_name": "mistral-engine"
},
{
"binary_version": "6.0.0-0ubuntu1.1+esm1",
"binary_name": "mistral-event-engine"
},
{
"binary_version": "6.0.0-0ubuntu1.1+esm1",
"binary_name": "mistral-executor"
},
{
"binary_version": "6.0.0-0ubuntu1.1+esm1",
"binary_name": "python-mistral"
}
]
}
Ubuntu:Pro:18.04:LTS / python-mistral-lib
Package
- Name
- python-mistral-lib
- Purl
- pkg:deb/ubuntu/python-mistral-lib@0.4.0-0ubuntu1+esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.4.0-0ubuntu1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_version": "0.4.0-0ubuntu1+esm1",
"binary_name": "python-mistral-lib"
},
{
"binary_version": "0.4.0-0ubuntu1+esm1",
"binary_name": "python-mistral-lib-doc"
},
{
"binary_version": "0.4.0-0ubuntu1+esm1",
"binary_name": "python3-mistral-lib"
}
]
}