Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 23 results


CVE-2023-51257

Medium priority
Needs evaluation

An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.

3 affected packages

jasper, netpbm-free, opencpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
jasper Not in release Not in release Not in release Ignored Needs evaluation
netpbm-free Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
opencpn Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
Show less packages

CVE-2015-8751

Medium priority
Not affected

Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.

3 affected packages

ghostscript, jasper, netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
jasper
netpbm-free
Show less packages

CVE-2017-2587

Medium priority
Not affected

A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2017-2586

Low priority
Not affected

A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2017-2581

Medium priority
Not affected

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2017-2580

Medium priority
Not affected

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2017-2579

Medium priority
Not affected

An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly...

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2018-8975

Medium priority
Not affected

The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2017-5849

Medium priority
Not affected

tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to...

1 affected packages

netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
netpbm-free Not affected
Show less packages

CVE-2014-8158

Medium priority

Some fixes available 4 of 5

Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.

3 affected packages

ghostscript, jasper, netpbm-free

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
jasper
netpbm-free
Show less packages