Search CVE reports
1 – 10 of 13 results
CVE-2023-43281
Medium priorityDouble Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.
14 affected packages
arm-compute-library, armnn, bibledit, bibledit-cloud, emscripten...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
arm-compute-library | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
armnn | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
bibledit | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
bibledit-cloud | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
libsfml | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libstb | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
love | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
mame | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
timg | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
tiny-dnn | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
utox | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
visp | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
CVE-2022-36561
Low priorityXPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
4 affected packages
emscripten, ipe, texlive-bin, xpdf
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xpdf | Not affected | Not affected | Not in release | Not affected | Needs evaluation |
CVE-2022-24107
Medium priorityXpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
4 affected packages
emscripten, ipe, texlive-bin, xpdf
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xpdf | Not affected | Not affected | Not in release | Not affected | Needs evaluation |
CVE-2022-24106
Medium priorityIn Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
4 affected packages
emscripten, ipe, texlive-bin, xpdf
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xpdf | Not affected | Not affected | Not in release | Not affected | Needs evaluation |
CVE-2022-38784
Medium prioritySome fixes available 4 of 12
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the...
2 affected packages
emscripten, poppler
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
poppler | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2021-43519
Low priorityStack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.
45 affected packages
ardour, bam, blobby, ceph, darktable...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ardour | Not affected | Not affected | Not affected | Not affected | Not affected |
bam | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
blobby | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ceph | Not affected | Not affected | Not affected | Not affected | Not affected |
darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
eja | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
emscripten | Needs evaluation | Needs evaluation | — | Needs evaluation | Needs evaluation |
enigma | Not affected | Not affected | Not affected | Not affected | Not affected |
freeciv | Not affected | Not affected | Not affected | Not affected | Not affected |
freedroidrpg | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
golly | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
goxel | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
grub2 | Not affected | Not affected | Not affected | Not affected | Not affected |
gtk2-engines | Not affected | Not affected | Not affected | Not affected | Not affected |
haskell-hslua | Not affected | Not affected | Not affected | Not affected | Not affected |
hedgewars | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.1 | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.2 | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
lua5.4 | Not affected | Not affected | Not in release | Not in release | Not in release |
lua50 | Not in release | Not in release | Not affected | Not affected | Not affected |
luajit | Not affected | Not affected | Not affected | Not affected | Not affected |
mame | Not affected | Not affected | Not affected | Not affected | Not affected |
naev | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
openscenegraph | Not affected | Not affected | Not affected | Not affected | Not affected |
redis | Not affected | Not affected | Not affected | Not affected | Not affected |
rust-lua52-sys | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
scite | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
scorched3d | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
scummvm | Not affected | Not affected | Not affected | Not affected | Not affected |
spring | Not affected | Not affected | Not affected | Not affected | Not affected |
syslinux | Not affected | Not affected | Not affected | Not affected | Not affected |
syslinux-legacy | Not in release | Not in release | Not affected | Not affected | Not affected |
tagua | Not affected | Not affected | Not affected | Not affected | Not affected |
tarantool | Needs evaluation | Needs evaluation | Needs evaluation | — | Needs evaluation |
texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
tup | Needs evaluation | Needs evaluation | Needs evaluation | — | Ignored |
ufoai | Not affected | Not affected | Not affected | Not affected | Not affected |
vifm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
wcc | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
wesnoth | — | — | — | — | Ignored |
widelands | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xmoto | Not affected | Not affected | Not affected | Not affected | Not affected |
zfs-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-9959
Low prioritySome fixes available 2 of 15
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size...
2 affected packages
emscripten, poppler
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
emscripten | Ignored | Ignored | Not in release | Ignored | Ignored |
poppler | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2019-12973
Low prioritySome fixes available 12 of 85
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to...
9 affected packages
blender, emscripten, gdcm, ghostscript, insighttoolkit4...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
blender | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
emscripten | Ignored | Ignored | Not in release | Ignored | Ignored |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
openjpeg2 | Fixed | Fixed | Fixed | Fixed | Fixed |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-20847
Medium prioritySome fixes available 1 of 72
An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow.
8 affected packages
blender, emscripten, gdcm, insighttoolkit4, openjpeg...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
blender | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
emscripten | Ignored | Ignored | Not in release | Ignored | Ignored |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
openjpeg2 | Not affected | Not affected | Not affected | Not affected | Fixed |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2018-20846
Medium priorityOut-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service...
8 affected packages
blender, emscripten, gdcm, insighttoolkit4, openjpeg...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
blender | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
emscripten | Ignored | Ignored | Not in release | Ignored | Ignored |
gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
insighttoolkit4 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
openjpeg2 | Not affected | Not affected | Not affected | Not affected | Not affected |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |