Search CVE reports
61 – 70 of 184 results
CVE-2022-40674
Medium prioritySome fixes available 11 of 103
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
24 affected packages
apache2, apr-util, ayttm, cableswig, cadaver...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| apache2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| apr-util | Not affected | Not affected | Not affected | Not affected | Not affected |
| ayttm | — | Not in release | Not in release | Not in release | Needs evaluation |
| cableswig | — | Not in release | Not in release | Not in release | Needs evaluation |
| cadaver | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cmake | Not affected | Not affected | Not affected | Not affected | Not affected |
| coin3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| expat | Fixed | Fixed | Fixed | Fixed | Fixed |
| firefox | Not affected | Not affected | Fixed | Fixed | Ignored |
| gdcm | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit | — | Not in release | Not in release | Not in release | Needs evaluation |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Needs evaluation |
| libxmltok | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not affected |
| matanza | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| smart | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
| swish-e | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| tdom | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
| thunderbird | Ignored | Ignored | Ignored | Ignored | Ignored |
| vnc4 | — | Not in release | Not in release | Needs evaluation | Needs evaluation |
| vtk | — | Not in release | Not in release | Not in release | Needs evaluation |
| wbxml2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xmlrpc-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-36561
Low priorityXPDF v4.0.4 was discovered to contain a segmentation violation via the component /xpdf/AcroForm.cc:538.
4 affected packages
emscripten, ipe, texlive-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xpdf | Not affected | Not affected | Not in release | Not affected | Needs evaluation |
CVE-2022-24107
Medium priorityXpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc.
4 affected packages
emscripten, ipe, texlive-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xpdf | Not affected | Not affected | Not in release | Not affected | Needs evaluation |
CVE-2022-24106
Medium priorityIn Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc.
4 affected packages
emscripten, ipe, texlive-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emscripten | Needs evaluation | Needs evaluation | Not in release | Needs evaluation | Needs evaluation |
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xpdf | Not affected | Not affected | Not in release | Not affected | Needs evaluation |
CVE-2022-38171
Medium priorityXpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of...
3 affected packages
ipe, texlive-bin, xpdf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ipe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| texlive-bin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xpdf | Not affected | Not affected | Not in release | Needs evaluation | Needs evaluation |
CVE-2022-35486
Negligible priorityOTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae.
1 affected packages
texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2022-35485
Negligible priorityOTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x703969.
1 affected packages
texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2022-35484
Negligible priorityOTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6b6a8f.
1 affected packages
texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2022-35483
Negligible priorityOTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x5266a8.
1 affected packages
texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2022-35482
Negligible priorityOTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724.
1 affected packages
texlive-bin
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| texlive-bin | Not affected | Not affected | Not affected | Not affected | Not affected |