Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 5 of 5 results

CVE-2014-4978

Low priority
Ignored

The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.

1 affected packages

rawstudio

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
rawstudio Not in release Not in release
Show less packages

CVE-2017-6887

Low priority

Some fixes available 3 of 108

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100"...

12 affected packages

darktable, dcraw, exactimage, flphoto, freeimage...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
flphoto Not in release Not in release Not in release Not in release Not in release
freeimage Not affected Not affected Not affected Not affected Not affected
graphicsmagick Not affected Not affected Not affected Not affected Not affected
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawstudio Not in release Not in release Not in release Not in release Not in release
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Vulnerable Vulnerable
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 12 packages Show less packages

CVE-2017-6886

Low priority

Some fixes available 3 of 108

An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.

12 affected packages

darktable, dcraw, exactimage, flphoto, freeimage...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
flphoto Not in release Not in release Not in release Not in release Not in release
freeimage Not affected Not affected Not affected Not affected Not affected
graphicsmagick Not affected Not affected Not affected Not affected Not affected
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawstudio Not in release Not in release Not in release Not in release Not in release
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Needs evaluation Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 12 packages Show less packages

CVE-2015-3885

Negligible priority

Some fixes available 2 of 53

Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.

10 affected packages

darktable, dcraw, exactimage, freeimage, kodi...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Not affected Not affected Not affected Not affected Not affected
dcraw Not affected Not affected Not affected Not affected Vulnerable
exactimage Not affected Not affected Not affected Not affected Not affected
freeimage Not affected Not affected Not affected Not affected Not affected
kodi Needs evaluation Not affected Not affected Not affected Vulnerable
libraw Not affected Not affected Not affected Not affected Not affected
rawstudio Not in release Not in release Not in release Not in release Not in release
rawtherapee Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not affected Not affected
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 10 packages Show less packages

CVE-2013-1438

Medium priority

Some fixes available 39 of 106

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a...

9 affected packages

darktable, dcraw, exactimage, libkdcraw, libraw...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Not affected Not affected Not affected Not affected Not affected
dcraw Not affected Not affected Not affected Vulnerable Vulnerable
exactimage Not affected Not affected Not affected Not affected Not affected
libkdcraw Not in release Not in release Not in release Not in release Not affected
libraw Fixed Fixed Fixed Fixed Fixed
rawstudio Not in release Not in release Not in release Not in release Not in release
rawtherapee Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
ufraw Not in release Not in release Not in release Fixed Fixed
xmbc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages