Search CVE reports
1 – 4 of 4 results
CVE-2023-6228
Low priority
Some fixes available 7 of 27
An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow, leading to an application crash.
4 affected packages
libgeotiff, libtk-img, povray, tiff
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libgeotiff | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
libtk-img | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
povray | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
tiff | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2019-17546
Medium priority
Some fixes available 5 of 53
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param"...
17 affected packages
blender, chromium-browser, gdal, insighttoolkit4, ivtools...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
blender | Not affected | Not affected | Not affected | Not affected | Not affected |
chromium-browser | Not affected | Not affected | Not affected | Not affected | Not affected |
gdal | Not affected | Not affected | Not affected | Not affected | Vulnerable |
insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Not affected |
ivtools | Not affected | Not affected | Not affected | Not affected | Not affected |
libtk-img | Not affected | Not affected | Not affected | Not affected | Not affected |
neuron | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
openjpeg2 | Not affected | Not affected | Not affected | Not affected | Not affected |
paraview | Not affected | Not affected | Not affected | Not affected | Not affected |
povray | Not affected | Not affected | Not affected | Not affected | Not affected |
qt4-x11 | Not in release | Not in release | Not in release | Not affected | Not affected |
qtimageformats-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
sfftobmp | Not affected | Not affected | Not affected | Not affected | Not affected |
texmaker | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not affected |
tiff | Not affected | Not affected | Not affected | Fixed | Fixed |
xloadimage | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2007-5378
Low priority
Some fixes available 9 of 12
Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3.5 and earlier, allows user-assisted attackers to cause a denial of service (segmentation fault) via an animated GIF in which the...
3 affected packages
libtk-img, tk8.3, tk8.4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libtk-img | — | — | — | — | — |
tk8.3 | — | — | — | — | — |
tk8.4 | — | — | — | — | — |
CVE-2007-5137
Medium priority
Some fixes available 7 of 10
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than...
3 affected packages
libtk-img, tk8.3, tk8.4
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libtk-img | — | — | — | — | — |
tk8.3 | — | — | — | — | — |
tk8.4 | — | — | — | — | — |