UBUNTU-CVE-2018-1999011
- Source
- https://ubuntu.com/security/CVE-2018-1999011
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1999011.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-1999011
- Upstream
- Published
- 2018-07-23T15:29:00Z
- Modified
- 2025-10-24T04:47:21Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.
- References
Affected packages
Ubuntu:16.04:LTS
oxide-qt
Package
- Name
- oxide-qt
- Purl
- pkg:deb/ubuntu/oxide-qt@1.21.5-0ubuntu0.16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.9.5-0ubuntu1
1.10.3-0ubuntu0.15.10.1
1.10.3-0ubuntu0.15.10.2
1.11.3-0ubuntu3
1.11.4-0ubuntu1
1.11.5-0ubuntu1
1.12.5-0ubuntu1
1.12.6-0ubuntu1
1.12.7-0ubuntu1
1.13.6-0ubuntu1
1.14.7-0ubuntu1
1.14.9-0ubuntu0.16.04.1
1.15.7-0ubuntu0.16.04.1
1.15.8-0ubuntu0.16.04.1
1.16.5-0ubuntu0.16.04.1
1.17.7-0ubuntu0.16.04.1
1.17.9-0ubuntu0.16.04.1
1.18.3-0ubuntu0.16.04.1
1.18.5-0ubuntu0.16.04.1
1.19.4-0ubuntu0.16.04.1
1.20.4-0ubuntu0.16.04.1
1.21.5-0ubuntu0.16.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "liboxideqt-qmlplugin",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
},
{
"binary_name": "liboxideqtcore-dev",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
},
{
"binary_name": "liboxideqtcore0",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
},
{
"binary_name": "liboxideqtquick-dev",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
},
{
"binary_name": "liboxideqtquick0",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
},
{
"binary_name": "oxideqt-codecs",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
},
{
"binary_name": "oxideqt-codecs-extra",
"binary_version": "1.21.5-0ubuntu0.16.04.1"
}
]
}gst-libav1.0
Package
- Name
- gst-libav1.0
- Purl
- pkg:deb/ubuntu/gst-libav1.0@1.8.3-1ubuntu0.2?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:18.04:LTS
gst-libav1.0
Package
- Name
- gst-libav1.0
- Purl
- pkg:deb/ubuntu/gst-libav1.0@1.14.5-0ubuntu1~18.04.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.9.5+dfsg-0ubuntu2?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.9.1+dfsg-4
5.9.1+dfsg-4ubuntu1
5.9.2+dfsg-2ubuntu1
5.9.3+dfsg-0ubuntu1
5.9.4+dfsg-0ubuntu1
5.9.5+dfsg-0ubuntu2
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.9.5+dfsg-0ubuntu2"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.9.5+dfsg-0ubuntu2"
}
]
}Ubuntu:20.04:LTS
gst-libav1.0
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.12.4+dfsg-1ubuntu1
5.12.4+dfsg-1ubuntu3
5.12.5+dfsg-3ubuntu1
5.12.5+dfsg-6ubuntu2
5.12.5+dfsg-7
5.12.5+dfsg-7build1
5.12.8+dfsg-0ubuntu1
5.12.8+dfsg-0ubuntu1.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
}
]
}Ubuntu:22.04:LTS
chromium-browser
Package
- Name
- chromium-browser
- Purl
- pkg:deb/ubuntu/chromium-browser@1:85.0.4183.83-0ubuntu2.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "chromium-browser",
"binary_version": "1:85.0.4183.83-0ubuntu2.22.04.1"
},
{
"binary_name": "chromium-browser-l10n",
"binary_version": "1:85.0.4183.83-0ubuntu2.22.04.1"
},
{
"binary_name": "chromium-chromedriver",
"binary_version": "1:85.0.4183.83-0ubuntu2.22.04.1"
},
{
"binary_name": "chromium-codecs-ffmpeg",
"binary_version": "1:85.0.4183.83-0ubuntu2.22.04.1"
},
{
"binary_name": "chromium-codecs-ffmpeg-extra",
"binary_version": "1:85.0.4183.83-0ubuntu2.22.04.1"
}
]
}gst-libav1.0
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.6+dfsg-1
5.15.6+dfsg-2
5.15.7+dfsg-2
5.15.8+dfsg-1
5.15.8+dfsg-1build1
5.15.8+dfsg-1build2
5.15.8+dfsg-2
5.15.9+dfsg-1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.9+dfsg-1"
}
]
}Ubuntu:24.04:LTS
chromium-browser
Package
- Name
- chromium-browser
- Purl
- pkg:deb/ubuntu/chromium-browser@2:1snap1-0ubuntu2?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "chromium-browser",
"binary_version": "2:1snap1-0ubuntu2"
},
{
"binary_name": "chromium-browser-l10n",
"binary_version": "2:1snap1-0ubuntu2"
},
{
"binary_name": "chromium-chromedriver",
"binary_version": "2:1snap1-0ubuntu2"
},
{
"binary_name": "chromium-codecs-ffmpeg",
"binary_version": "2:1snap1-0ubuntu2"
},
{
"binary_name": "chromium-codecs-ffmpeg-extra",
"binary_version": "2:1snap1-0ubuntu2"
}
]
}gst-libav1.0
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.15+dfsg-2
5.15.15+dfsg-2build2
5.15.15+dfsg-2ubuntu1
5.15.16+dfsg-1
5.15.16+dfsg-1ubuntu2
5.15.16+dfsg-1ubuntu4
5.15.16+dfsg-3
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.16+dfsg-3"
}
]
}Ubuntu:25.04
chromium-browser
Package
- Name
- chromium-browser
- Purl
- pkg:deb/ubuntu/chromium-browser@2:1snap1-0ubuntu3?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "chromium-browser",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-browser-l10n",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-chromedriver",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-codecs-ffmpeg",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-codecs-ffmpeg-extra",
"binary_version": "2:1snap1-0ubuntu3"
}
]
}gst-libav1.0
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.17+dfsg-4
5.15.17+dfsg-5
5.15.17+dfsg2-1
5.15.17+dfsg2-2
5.15.17+dfsg2-3
5.15.18+dfsg-1
5.15.18+dfsg-2
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.18+dfsg-2"
}
]
}Ubuntu:25.10
chromium-browser
Package
- Name
- chromium-browser
- Purl
- pkg:deb/ubuntu/chromium-browser@2:1snap1-0ubuntu3?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "chromium-browser",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-browser-l10n",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-chromedriver",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-codecs-ffmpeg",
"binary_version": "2:1snap1-0ubuntu3"
},
{
"binary_name": "chromium-codecs-ffmpeg-extra",
"binary_version": "2:1snap1-0ubuntu3"
}
]
}gst-libav1.0
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.19+dfsg2-1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.19+dfsg2-1"
}
]
}