Upgrade RHEL:8 sane-backends-libs to version 0:1.0.27-19.el8_2.1 or higher. This issue was patched in RHSA-2020:2902 .

Heap-based Buffer Overflow in sane-backends-libs | CVE-2020-12861

Threat Intelligence

2.22% (90^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-UBUNTU1510-OXIDEQT-622803
published25 Jan 2016
disclosed25 Jan 2016

Report a new vulnerability Found a mistake?

Introduced: 25 Jan 2016

CVE-2016-1619 (opens in a new tab) CWE-119 (opens in a new tab)

Amendment

The Ubuntu security team deemed this advisory irrelevant for Ubuntu:15.10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream oxide-qt package and not the oxide-qt package as distributed by Ubuntu.

Multiple integer overflows in the (1) sycc422_to_rgb and (2) sycc444_to_rgb functions in fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 48.0.2564.82, allow remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted PDF document.

Out-of-Bounds The advisory has been revoked - it doesn't affect any version of package oxide-qt (opens in a new tab)

Threat Intelligence

Do your applications use this vulnerable package?

Introduced: 25 Jan 2016

Amendment

NVD Description

References