Candidate: CVE-2018-18718
PublicDate: 2018-10-29 12:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18718
 https://gitlab.gnome.org/GNOME/gthumb/issues/18
Description:
 An issue was discovered in gThumb through 3.6.2. There is a double-free
 vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c
 because of two successive calls of g_free, each of which frees the same
 buffer.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_gthumb:
upstream_gthumb: released (3:3.6.2-2)
precise/esm_gthumb: DNE
trusty_gthumb: ignored (reached end-of-life)
trusty/esm_gthumb: DNE (trusty was needs-triage)
xenial_gthumb: ignored (end of standard support, was needed)
bionic_gthumb: needed
cosmic_gthumb: ignored (reached end-of-life)
disco_gthumb: not-affected (3:3.6.2-2)
eoan_gthumb: not-affected (3:3.6.2-2)
focal_gthumb: not-affected (3:3.6.2-2)
groovy_gthumb: not-affected (3:3.6.2-2)
hirsute_gthumb: not-affected (3:3.6.2-2)
impish_gthumb: not-affected (3:3.6.2-2)
jammy_gthumb: not-affected (3:3.6.2-2)
devel_gthumb: not-affected (3:3.6.2-2)