Search CVE reports


1 – 5 of 5 results


CVE-2023-33460

Low priority

Some fixes available 6 of 25

There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in the server and cause a crash.

3 affected packages

argyll, r-cran-jsonlite, yajl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
r-cran-jsonlite Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
yajl Not affected Fixed Fixed Fixed Fixed

CVE-2022-33070

Medium priority

Some fixes available 8 of 73

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

9 affected packages

argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ccextractor Needs evaluation Needs evaluation Needs evaluation
libgadu Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libpg-query Needs evaluation Needs evaluation
libsignal-protocol-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ocserv Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pidgin Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
protobuf-c Fixed Fixed Fixed Needs evaluation Needs evaluation
sudo Not affected Fixed Not affected Not affected Not affected

CVE-2022-24795

Medium priority

Some fixes available 6 of 93

yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB)...

12 affected packages

argyll, burp, centreon-broker, collada2gltf, icinga2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
burp Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
centreon-broker Ignored
collada2gltf Not in release Needs evaluation Needs evaluation Needs evaluation
icinga2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libbson Needs evaluation Needs evaluation
lnav Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
php-mongodb Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
r-cran-jsonlite Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ruby-yajl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tulip Not in release Needs evaluation Needs evaluation
yajl Not affected Fixed Fixed Fixed Fixed

CVE-2012-4405

Medium priority

Some fixes available 2 of 6

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial...

5 affected packages

argyll, ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Not affected
ghostscript Not affected
gs-afpl Not in release
gs-esp Not in release
gs-gpl Not in release

CVE-2012-1616

Medium priority
Ignored

Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.

2 affected packages

argyll, libicc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Not affected Not affected
libicc Not in release Not in release