UBUNTU-CVE-2019-12214
- Source
- https://ubuntu.com/security/CVE-2019-12214
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-12214.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2019-12214
- Upstream
- Published
- 2019-05-20T16:29:00Z
- Modified
- 2025-10-24T04:47:39Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2kreadppmv3 function in j2k.c. The value of lNppm comes from the file read in, and the code does not consider that lNppm may be greater than the size of pheader_data.
- References
Affected packages
Ubuntu:20.04:LTS
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.18.0+ds2-1ubuntu3.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.18.0+ds2-1ubuntu1
3.18.0+ds2-1ubuntu2
3.18.0+ds2-1ubuntu3
3.18.0+ds2-1ubuntu3.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.18.0+ds2-1ubuntu3.1",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.18.0+ds2-1ubuntu3.1",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.18.0+ds2-1ubuntu3.1",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.18.0+ds2-1ubuntu3.1",
"binary_name": "libfreeimageplus3"
}
]
}Ubuntu:22.04:LTS
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.18.0+ds2-6ubuntu5.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.18.0+ds2-6ubuntu3
3.18.0+ds2-6ubuntu4
3.18.0+ds2-6ubuntu5
3.18.0+ds2-6ubuntu5.1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.18.0+ds2-6ubuntu5.1",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.18.0+ds2-6ubuntu5.1",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.18.0+ds2-6ubuntu5.1",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.18.0+ds2-6ubuntu5.1",
"binary_name": "libfreeimageplus3"
}
]
}Ubuntu:24.04:LTS
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.18.0+ds2-10build4?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.18.0+ds2-9.1
3.18.0+ds2-10
3.18.0+ds2-10build2
3.18.0+ds2-10build3
3.18.0+ds2-10build4
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.18.0+ds2-10build4",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.18.0+ds2-10build4",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.18.0+ds2-10build4",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.18.0+ds2-10build4",
"binary_name": "libfreeimageplus3"
}
]
}Ubuntu:25.04
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.18.0+ds2-11?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimageplus3"
}
]
}Ubuntu:25.10
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.18.0+ds2-11?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.18.0+ds2-11",
"binary_name": "libfreeimageplus3"
}
]
}Ubuntu:Pro:14.04:LTS
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.15.4-3ubuntu0.1+esm3?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:16.04:LTS
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.17.0+ds1-2ubuntu0.1+esm1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.15.4-4.1build1
3.15.4-6
3.17.0+ds1-1.1
3.17.0+ds1-2
3.17.0+ds1-2ubuntu0.1
3.17.0+ds1-2ubuntu0.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.17.0+ds1-2ubuntu0.1+esm1",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.17.0+ds1-2ubuntu0.1+esm1",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.17.0+ds1-2ubuntu0.1+esm1",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.17.0+ds1-2ubuntu0.1+esm1",
"binary_name": "libfreeimageplus3"
}
]
}Ubuntu:Pro:18.04:LTS
freeimage
Package
- Name
- freeimage
- Purl
- pkg:deb/ubuntu/freeimage@3.17.0+ds1-5+deb9u1ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.17.0+ds1-5build2
3.17.0+ds1-5+deb9u1build0.18.04.1
3.17.0+ds1-5+deb9u1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.17.0+ds1-5+deb9u1ubuntu0.1~esm1",
"binary_name": "libfreeimage-dev"
},
{
"binary_version": "3.17.0+ds1-5+deb9u1ubuntu0.1~esm1",
"binary_name": "libfreeimage3"
},
{
"binary_version": "3.17.0+ds1-5+deb9u1ubuntu0.1~esm1",
"binary_name": "libfreeimageplus-dev"
},
{
"binary_version": "3.17.0+ds1-5+deb9u1ubuntu0.1~esm1",
"binary_name": "libfreeimageplus3"
}
]
}