Search CVE reports
51 – 54 of 54 results
CVE-2017-6886
Low prioritySome fixes available 3 of 108
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
12 affected packages
darktable, dcraw, exactimage, flphoto, freeimage...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| darktable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| dcraw | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| exactimage | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| flphoto | Not in release | Not in release | Not in release | Not in release | Not in release |
| freeimage | Not affected | Not affected | Not affected | Not affected | Not affected |
| graphicsmagick | Not affected | Not affected | Not affected | Not affected | Not affected |
| kodi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libraw | Not affected | Not affected | Not affected | Not affected | Fixed |
| rawstudio | Not in release | Not in release | Not in release | Not in release | Not in release |
| rawtherapee | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ufraw | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2016-5684
Medium prioritySome fixes available 2 of 6
An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An...
1 affected packages
freeimage
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| freeimage | — | — | — | Not affected | Fixed |
CVE-2015-0852
Medium prioritySome fixes available 1 of 7
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
1 affected packages
freeimage
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| freeimage | — | Not affected | Not affected | Not affected | Not affected |
CVE-2015-3885
Negligible prioritySome fixes available 2 of 53
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
10 affected packages
darktable, dcraw, exactimage, freeimage, kodi...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| darktable | Not affected | Not affected | Not affected | Not affected | Not affected |
| dcraw | Not affected | Not affected | Not affected | Not affected | Vulnerable |
| exactimage | Not affected | Not affected | Not affected | Not affected | Not affected |
| freeimage | Not affected | Not affected | Not affected | Not affected | Not affected |
| kodi | Needs evaluation | Not affected | Not affected | Not affected | Vulnerable |
| libraw | Not affected | Not affected | Not affected | Not affected | Not affected |
| rawstudio | Not in release | Not in release | Not in release | Not in release | Not in release |
| rawtherapee | Not affected | Not affected | Not affected | Not affected | Not affected |
| ufraw | Not in release | Not in release | Not in release | Not affected | Not affected |
| xbmc | Not in release | Not in release | Not in release | Not in release | Not in release |