Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 23 results


CVE-2024-25447

Medium priority
Needs evaluation

An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Not affected Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-25450

Medium priority
Needs evaluation

imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-25448

Medium priority
Needs evaluation

An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2020-12761

Medium priority

Some fixes available 1 of 2

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Not affected Fixed Not affected Not affected
Show less packages

CVE-2016-4024

Low priority

Some fixes available 3 of 4

Integer overflow in imlib2 before 1.4.9 on 32-bit platforms allows remote attackers to execute arbitrary code via large dimensions in an image, which triggers an out-of-bounds heap memory write operation.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Fixed
Show less packages

CVE-2016-3994

Low priority

Some fixes available 3 of 4

The GIF loader in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (application crash) or obtain sensitive information via a crafted image, which triggers an out-of-bounds read.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Fixed
Show less packages

CVE-2016-3993

Low priority

Some fixes available 3 of 4

Off-by-one error in the __imlib_MergeUpdate function in lib/updates.c in imlib2 before 1.4.9 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted coordinates.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Fixed
Show less packages

CVE-2014-9771

Low priority
Fixed

Integer overflow in imlib2 before 1.4.7 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted image, which triggers an invalid read operation.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Not affected
Show less packages

CVE-2014-9764

Negligible priority

Some fixes available 2 of 3

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (segmentation fault) via a crafted GIF file.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Not affected
Show less packages

CVE-2014-9763

Low priority

Some fixes available 2 of 3

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.

1 affected packages

imlib2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
imlib2 Not affected
Show less packages