Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

41 – 50 of 54 results

CVE-2020-22524

Medium priority

Some fixes available 7 of 9

Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM file.

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Needs evaluation Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-21428

Medium priority

Some fixes available 7 of 9

Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Needs evaluation Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-21427

Medium priority

Some fixes available 7 of 9

Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Needs evaluation Fixed Fixed Fixed Fixed
Show less packages

CVE-2020-21426

Medium priority
Needs evaluation

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-33367

Medium priority
Needs evaluation

Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file.

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-12214

Medium priority
Vulnerable

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be...

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2019-12213

Medium priority

Some fixes available 4 of 7

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Not affected Fixed Fixed Fixed
Show less packages

CVE-2019-12212

Medium priority
Vulnerable

When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote...

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2019-12211

Medium priority

Some fixes available 4 of 7

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a...

1 affected packages

freeimage

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
freeimage Not affected Fixed Fixed Fixed
Show less packages

CVE-2017-6887

Low priority

Some fixes available 3 of 108

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100"...

12 affected packages

darktable, dcraw, exactimage, flphoto, freeimage...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
flphoto Not in release Not in release Not in release Not in release Not in release
freeimage Not affected Not affected Not affected Not affected Not affected
graphicsmagick Not affected Not affected Not affected Not affected Not affected
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libraw Not affected Not affected Not affected Not affected Fixed
rawstudio Not in release Not in release Not in release Not in release Not in release
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ufraw Not in release Not in release Not in release Vulnerable Vulnerable
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 12 packages Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON