Search CVE reports


Toggle filters

421 – 430 of 1279 results


CVE-2022-27664

Medium priority

Some fixes available 26 of 38

In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.

17 affected packages

adsys, containerd, golang, golang-1.10, golang-1.13...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
adsys Not affected Not affected Not affected Fixed
containerd Not affected Not affected Not affected Not affected Not affected
golang Not in release Not in release Not in release
golang-1.10 Not in release Not in release Vulnerable
golang-1.13 Not in release Not in release Fixed Fixed Fixed
golang-1.14 Not in release Vulnerable Not in release
golang-1.16 Not in release Fixed Fixed
golang-1.17 Vulnerable Not in release Not in release
golang-1.18 Not in release Not in release Fixed Fixed Fixed
golang-1.6 Not in release Not in release Not in release
golang-1.8 Not in release Not in release Vulnerable
golang-1.9 Not in release Not in release Vulnerable
golang-golang-x-net Not affected Not affected Fixed Not in release Not in release
golang-golang-x-net-dev Not in release Not in release Not in release Fixed Fixed
google-guest-agent Fixed Fixed Fixed Fixed Needs evaluation
juju-core Not in release Not in release Not in release
lxd Not in release Not in release Not in release Not affected Fixed
Show all 17 packages Show less packages

CVE-2020-35535

Medium priority
Needs evaluation

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Not affected Not affected
libraw Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35534

Medium priority
Needs evaluation

In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Not affected Not affected
libraw Not affected Not affected Not affected Not affected Not affected
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35533

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35532

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35531

Medium priority

Some fixes available 4 of 64

In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2020-35530

Medium priority

Some fixes available 4 of 64

In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.

9 affected packages

darktable, exactimage, dcraw, rawtherapee, kodi...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
darktable Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
exactimage Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
dcraw Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
rawtherapee Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kodi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
digikam Not affected Not affected Not affected Fixed Fixed
libraw Not affected Not affected Not affected Fixed Fixed
ufraw Not in release Not in release Not in release Not in release Needs evaluation
xbmc Not in release Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2022-1115

Medium priority
Ignored

A heap-buffer-overflow flaw was found in ImageMagick’s PushShortPixel() function of quantum-private.h file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to ImageMagick for conversion,...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2022-0284

Medium priority
Not affected

A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to...

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Not affected Not affected Not affected
Show less packages

CVE-2021-3574

Medium priority
Fixed

A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks.

1 affected package

imagemagick

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
imagemagick Fixed Fixed Fixed Not affected Not affected
Show less packages