Back

Critical Vulnerabilities in Coin3D Affect Multiple Ubuntu Releases

Severity: Medium (Score: 57.8)

Sources: Linuxsecurity, Ubuntu

Summary

On May 7, 2026, Ubuntu announced security vulnerabilities in Coin3D, affecting Ubuntu LTS releases 18.04, 16.04, and 14.04. The vulnerabilities stem from Expat's improper handling of certain files, potentially allowing attackers to crash the system or execute arbitrary code. The affected versions include libcoin80-runtime and libcoin80, with specific updates available for Ubuntu Pro users. The vulnerabilities are identified as CVE-2022-25235 and CVE-2022-25236, both published on February 16, 2022. Users are advised to perform standard system updates to mitigate the risks. The issue highlights the ongoing need for vigilance in maintaining software security across supported systems. Key Points: • Coin3D vulnerabilities affect Ubuntu 18.04, 16.04, and 14.04 LTS versions. • CVE-2022-25235 and CVE-2022-25236 could allow attackers to execute arbitrary code. • Users are urged to update their systems to the latest package versions to mitigate risks.

Key Entities

  • CVE-2022-25235 (cve)
  • CVE-2022-25236 (cve)
  • Coin3D (platform)
  • Expat (platform)
  • Open Inventor API (platform)
  • Ubuntu Pro (platform)
  • Ubuntu (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed