Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2023-43281

Medium priority
Needs evaluation

Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.

14 affected packages

arm-compute-library, armnn, bibledit, bibledit-cloud, emscripten...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
arm-compute-library Needs evaluation Needs evaluation Not in release Ignored Ignored
armnn Needs evaluation Needs evaluation Not in release Ignored Ignored
bibledit Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
bibledit-cloud Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
emscripten Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
libsfml Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libstb Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
love Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mame Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
timg Needs evaluation Needs evaluation Not in release Ignored Ignored
tiny-dnn Needs evaluation Not in release Not in release Ignored Ignored
utox Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
visp Needs evaluation Needs evaluation Not in release Needs evaluation Needs evaluation
Show all 14 packages Show less packages

CVE-2022-34300

Low priority
Needs evaluation

In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData.

12 affected packages

asymptote, chromium-browser, godot, goxel, love...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
asymptote Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
chromium-browser Not affected Not affected Not affected Not affected Ignored
godot Needs evaluation Needs evaluation Needs evaluation
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation
love Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mame Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
psychtoolbox-3 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
qt6-webengine Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rbdoom3bfg Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
renderdoc Not in release Needs evaluation Needs evaluation
tinyexr Needs evaluation Needs evaluation
Show all 12 packages Show less packages

CVE-2021-46143

Medium priority

Some fixes available 22 of 268

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

50 affected packages

apache2, apr-util, astropy, audacity, ayttm...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
astropy Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
audacity Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ayttm Not in release Not in release Not in release Not in release Needs evaluation
cableswig Not in release Not in release Not in release Not in release Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected Not affected
coda Needs evaluation Needs evaluation Needs evaluation Ignored
coin3 Not affected Not affected Not affected Needs evaluation Needs evaluation
emboss Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
expat Fixed Fixed Fixed Fixed Fixed
firefox Fixed Fixed Fixed Fixed Ignored
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
harp Needs evaluation Needs evaluation Needs evaluation Ignored
ibm-3270 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit Not in release Not in release Not in release Not in release Needs evaluation
insighttoolkit4 Not in release Not affected Not affected Not affected Needs evaluation
insighttoolkit5 Needs evaluation Needs evaluation Ignored
libsynthesis Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libxmltok Vulnerable Fixed Fixed Fixed Fixed
mame Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
matanza Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
opencollada Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
poco Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
python2.7 Not in release Not affected Not affected Not affected Not affected
python3.10 Not in release Not affected Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not in release Not affected
python3.6 Not in release Not in release Not in release Not affected Not in release
python3.7 Not in release Not in release Not in release Not affected Not in release
python3.8 Not in release Not in release Not affected Not affected Not in release
python3.9 Not in release Not in release Not affected Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
sitecopy Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
smart Not in release Not in release Not in release Not affected Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Ignored Ignored
tla Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
visp Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc Ignored
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xsd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 50 packages Show less packages

CVE-2021-43519

Low priority
Needs evaluation

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

45 affected packages

ardour, bam, blobby, ceph, darktable...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ardour Not affected Not affected Not affected Not affected Not affected
bam Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blobby Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ceph Not affected Not affected Not affected Not affected Not affected
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
eja Not in release Needs evaluation Needs evaluation Needs evaluation Ignored
emscripten Needs evaluation Needs evaluation Needs evaluation Needs evaluation
enigma Not affected Not affected Not affected Not affected Not affected
freeciv Not affected Not affected Not affected Not affected Not affected
freedroidrpg Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
fs-uae Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
golly Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
grub2 Not affected Not affected Not affected Not affected Not affected
gtk2-engines Not affected Not affected Not affected Not affected Not affected
haskell-hslua Not affected Not affected Not affected Not affected Not affected
hedgewars Not affected Not affected Not affected Not affected Not affected
lua5.1 Not affected Not affected Not affected Not affected Not affected
lua5.2 Not affected Not affected Not affected Not affected Not affected
lua5.3 Not affected Not affected Not affected Not affected Not affected
lua5.4 Not affected Not affected Not in release Not in release Not in release
lua50 Not in release Not in release Not affected Not affected Not affected
luajit Not affected Not affected Not affected Not affected Not affected
mame Not affected Not affected Not affected Not affected Not affected
naev Needs evaluation Needs evaluation Needs evaluation Ignored
openscenegraph Not affected Not affected Not affected Not affected Not affected
redis Not affected Not affected Not affected Not affected Not affected
rust-lua52-sys Needs evaluation Needs evaluation Needs evaluation Ignored
scite Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scorched3d Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
scummvm Not affected Not affected Not affected Not affected Not affected
spring Not affected Not affected Not affected Not affected Not affected
syslinux Not affected Not affected Not affected Not affected Not affected
syslinux-legacy Not in release Not in release Not affected Not affected Not affected
tagua Not affected Not affected Not affected Not affected Not affected
tarantool Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
tup Needs evaluation Needs evaluation Needs evaluation Ignored
ufoai Not affected Not affected Not affected Not affected Not affected
vifm Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
wcc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
wesnoth Ignored
widelands Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmoto Not affected Not affected Not affected Not affected Not affected
zfs-linux Not affected Not affected Not affected Not affected Not affected
Show all 45 packages Show less packages

CVE-2018-16981

Medium priority
Vulnerable

stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.

13 affected packages

catimg, ccextractor, flif, goxel, libsfml...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
catimg Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
ccextractor Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
flif Not in release Not in release Not in release Not in release Not in release
goxel Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
libsfml Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
libsixel Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
love Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mame Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
renderdoc Not in release Needs evaluation Needs evaluation Not in release Not in release
retroarch Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
tweeny Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
zam-plugins Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
zynaddsubfx Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 13 packages Show less packages

CVE-2017-6888

Low priority

Some fixes available 3 of 29

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

6 affected packages

android, chromium-browser, flac, mame, oxide-qt, praat

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Not in release Ignored
chromium-browser Not affected Not affected Not affected Not affected Not affected
flac Not affected Not affected Not affected Fixed Fixed
mame Not affected Not affected Not affected Not affected Not affected
oxide-qt Not in release Not in release Not in release Not in release Ignored
praat Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2006-0176

Unknown priority

Some fixes available 7 of 8

Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating...

1 affected packages

xmame

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xmame
Show less packages