Search CVE reports
1 – 5 of 5 results
CVE-2023-33460
Low priority
Some fixes available 6 of 25
There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in the server and cause a crash.
3 affected packages
argyll, r-cran-jsonlite, yajl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
r-cran-jsonlite | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
yajl | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2022-33070
Medium priority
Some fixes available 8 of 73
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
9 affected packages
argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ccextractor | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
libgadu | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpg-query | Needs evaluation | Needs evaluation | — | — | — |
libsignal-protocol-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
ocserv | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pidgin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
protobuf-c | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
sudo | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2022-24795
Medium priority
Some fixes available 6 of 93
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of `yajl` contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB)...
12 affected packages
argyll, burp, centreon-broker, collada2gltf, icinga2...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
burp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
centreon-broker | — | — | — | — | Ignored |
collada2gltf | Not in release | Needs evaluation | — | Needs evaluation | Needs evaluation |
icinga2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libbson | — | — | — | Needs evaluation | Needs evaluation |
lnav | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
php-mongodb | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
r-cran-jsonlite | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ruby-yajl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tulip | Not in release | Needs evaluation | — | — | Needs evaluation |
yajl | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2012-4405
Medium priority
Some fixes available 2 of 6
Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial...
5 affected packages
argyll, ghostscript, gs-afpl, gs-esp, gs-gpl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | — | — | — | — | Not affected |
ghostscript | — | — | — | — | Not affected |
gs-afpl | — | — | — | — | Not in release |
gs-esp | — | — | — | — | Not in release |
gs-gpl | — | — | — | — | Not in release |
CVE-2012-1616
Medium priority
Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.
2 affected packages
argyll, libicc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | — | — | — | Not affected | Not affected |
libicc | — | — | — | Not in release | Not in release |