Lucene search

UbuntuUSN-5407-1

HistoryMay 10, 2022 - 12:00 a.m.

Cairo vulnerabilities

2022-05-1000:00:00

ubuntu.com

129

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

JSON

Releases

Ubuntu 16.04 ESM

Packages

cairo - Cairo 2D vector graphics library performance utilities

Details

Gustavo Grieco, Alberto Garcia, Francisco Oca, Suleman Ali, and others
discovered that Cairo incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2016-9082, CVE-2017-9814, CVE-2019-6462)

Stephan Bergmann discovered that Cairo incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code.
(CVE-2020-35492)

OSVersionArchitecturePackageVersionFilename
Ubuntu16.04noarchcairo-perf-utils< 1.14.6-1ubuntu0.1~esm1UNKNOWN
Ubuntu16.04noarchcairo-perf-utils< 1.14.6-1UNKNOWN
Ubuntu16.04noarchcairo-perf-utils-dbgsym< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo-gobject2< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo-gobject2-dbgsym< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo-script-interpreter2< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo-script-interpreter2-dbgsym< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo2< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo2-dbg< 1.14.6-1UNKNOWN
Ubuntu16.04noarchlibcairo2-dbgsym< 1.14.6-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	16.04	noarch	cairo-perf-utils	< 1.14.6-1ubuntu0.1~esm1	UNKNOWN
Ubuntu	16.04	noarch	cairo-perf-utils	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	cairo-perf-utils-dbgsym	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo-gobject2	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo-gobject2-dbgsym	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo-script-interpreter2	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo-script-interpreter2-dbgsym	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo2	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo2-dbg	< 1.14.6-1	UNKNOWN
Ubuntu	16.04	noarch	libcairo2-dbgsym	< 1.14.6-1	UNKNOWN