Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 70 of 224 results


CVE-2021-45944

Medium priority
Fixed

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

1 affected packages

ghostscript

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-3781

High priority
Fixed

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands...

1 affected packages

ghostscript

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript Fixed Fixed Not affected Not affected
Show less packages

CVE-2021-29338

Low priority

Some fixes available 4 of 53

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit4 Not in release Vulnerable Vulnerable Vulnerable Vulnerable
openjpeg Not in release Not in release Not in release Not in release Not affected
openjpeg2 Not affected Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Vulnerable Vulnerable Vulnerable Vulnerable Not in release
texmaker Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show all 7 packages Show less packages

CVE-2020-27845

Medium priority

Some fixes available 14 of 48

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Not affected Not affected Not affected Vulnerable Not affected
ghostscript Not affected Not affected Not affected Fixed Fixed
insighttoolkit4 Not in release Vulnerable Vulnerable Vulnerable Vulnerable
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Vulnerable Vulnerable Vulnerable Vulnerable Not in release
texmaker Vulnerable Vulnerable Vulnerable Vulnerable Not affected
Show all 7 packages Show less packages

CVE-2020-27843

Low priority

Some fixes available 13 of 60

A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Fixed Fixed
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Fixed Fixed Fixed Vulnerable Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2020-27842

Medium priority

Some fixes available 14 of 60

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Fixed Fixed
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2020-27841

Low priority

Some fixes available 14 of 25

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Fixed Fixed
insighttoolkit4 Not in release Not affected Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Not affected
openjpeg2 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
texmaker Not affected Not affected Not affected Not affected Not affected
Show all 7 packages Show less packages

CVE-2020-27824

Medium priority

Some fixes available 15 of 60

A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Fixed Fixed
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
openjpeg Not in release Not in release Not in release Not in release Fixed
openjpeg2 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2020-27823

Medium priority

Some fixes available 12 of 56

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
openjpeg Not in release Not in release Not in release Not in release Not affected
openjpeg2 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2020-27814

Medium priority

Some fixes available 14 of 24

A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Fixed Fixed
insighttoolkit4 Not in release Not affected Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Not affected
openjpeg2 Fixed Fixed Fixed Fixed Fixed
qtwebengine-opensource-src Vulnerable Vulnerable Vulnerable Not affected Not in release
texmaker Not affected Not affected Not affected Not affected Not affected
Show all 7 packages Show less packages