Search CVE reports

61 – 70 of 224 results

Detailed view

Sort by:

CVE-2021-45944

Medium priority

Fixed

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

1 affected package

ghostscript

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ghostscript	—	Not affected	Fixed	Fixed

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands...

1 affected package

ghostscript

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ghostscript	—	Fixed	Fixed	Not affected

CVE-2021-29338

Low priority

Some fixes available 4 of 53

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option ”-ImgDir” on a directory that contains 1048576 files.

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Vulnerable	Vulnerable	Vulnerable	Vulnerable
ghostscript	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Vulnerable	Vulnerable	Vulnerable
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Not affected	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Vulnerable	Vulnerable	Vulnerable	Vulnerable
texmaker	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2020-27845

Medium priority

Some fixes available 14 of 48

There’s a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The highest...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Not affected	Not affected	Not affected	Vulnerable
ghostscript	Not affected	Not affected	Not affected	Fixed
insighttoolkit4	Not in release	Vulnerable	Vulnerable	Vulnerable
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Vulnerable	Vulnerable	Vulnerable	Vulnerable
texmaker	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2020-27843

Low priority

Some fixes available 13 of 60

A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ghostscript	Not affected	Not affected	Not affected	Fixed
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Vulnerable
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2020-27842

Medium priority

Some fixes available 14 of 60

There’s a flaw in openjpeg’s t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ghostscript	Not affected	Not affected	Not affected	Fixed
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2020-27841

Low priority

Some fixes available 14 of 25

There’s a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Fixed
insighttoolkit4	Not in release	Not affected	Not affected	Not affected
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texmaker	Not affected	Not affected	Not affected	Not affected

CVE-2020-27824

Medium priority

Some fixes available 15 of 60

A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ghostscript	Not affected	Not affected	Not affected	Fixed
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2020-27823

Medium priority

Some fixes available 12 of 56

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
ghostscript	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2020-27814

Medium priority

Some fixes available 14 of 24

A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running...

7 affected packages

blender, ghostscript, insighttoolkit4, openjpeg, openjpeg2...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
blender	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Fixed
insighttoolkit4	Not in release	Not affected	Not affected	Not affected
openjpeg	Not in release	Not in release	Not in release	Not in release
openjpeg2	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Vulnerable	Vulnerable	Vulnerable	Not affected
texmaker	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page: