{"id":"USN-4238-1","summary":"sdl-image1.2 vulnerabilities","details":"It was discovered that SDL_image incorrectly handled certain image files. An\nattacker could possibly use this issue to cause a denial of service or other\nunspecified impact.\n","modified":"2026-04-27T15:48:23.449690158Z","published":"2020-01-14T15:01:52Z","related":["UBUNTU-CVE-2018-3977","UBUNTU-CVE-2019-12216","UBUNTU-CVE-2019-12217","UBUNTU-CVE-2019-12218","UBUNTU-CVE-2019-12219","UBUNTU-CVE-2019-12220","UBUNTU-CVE-2019-12221","UBUNTU-CVE-2019-12222","UBUNTU-CVE-2019-13616","UBUNTU-CVE-2019-5051","UBUNTU-CVE-2019-5052","UBUNTU-CVE-2019-7635"],"upstream":["CVE-2018-3977","CVE-2019-12216","CVE-2019-12217","CVE-2019-12218","CVE-2019-12219","CVE-2019-12220","CVE-2019-12221","CVE-2019-12222","CVE-2019-13616","CVE-2019-5051","CVE-2019-5052","CVE-2019-7635","UBUNTU-CVE-2018-3977","UBUNTU-CVE-2019-12216","UBUNTU-CVE-2019-12217","UBUNTU-CVE-2019-12218","UBUNTU-CVE-2019-12219","UBUNTU-CVE-2019-12220","UBUNTU-CVE-2019-12221","UBUNTU-CVE-2019-12222","UBUNTU-CVE-2019-13616","UBUNTU-CVE-2019-5051","UBUNTU-CVE-2019-5052","UBUNTU-CVE-2019-7635"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4238-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-3977"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-5051"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-5052"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-7635"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12216"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12217"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12218"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12219"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12220"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12221"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-12222"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-13616"}],"affected":[{"package":{"name":"sdl-image1.2","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/sdl-image1.2@1.2.12-5+deb9u1ubuntu0.16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.12-5+deb9u1ubuntu0.16.04.1"}]}],"versions":["1.2.12-5build2","1.2.12-5+deb9u1build0.16.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.2.12-5+deb9u1ubuntu0.16.04.1","binary_name":"libsdl-image1.2"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2018-3977"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-5051"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-5052"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-7635"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-12216"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12217"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-12218"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12219"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12220"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12221"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12222"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-13616"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4238-1.json"}},{"package":{"name":"sdl-image1.2","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/sdl-image1.2@1.2.12-8ubuntu0.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.12-8ubuntu0.1"}]}],"versions":["1.2.12-6","1.2.12-7","1.2.12-8"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"1.2.12-8ubuntu0.1","binary_name":"libsdl-image1.2"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2018-3977"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-5051"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-5052"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-7635"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-12216"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12217"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2019-12218"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12219"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12220"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12221"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-12222"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2019-13616"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4238-1.json"}}],"schema_version":"1.7.5"}