CVE-2020-35535

Опубликовано: 01 сент. 2022

Источник: debian

Описание

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libraw	fixed	0.20.0-4		package
libraw	not-affected		buster	package
libraw	not-affected		stretch	package

Примечания

https://github.com/LibRaw/LibRaw/issues/283
https://github.com/LibRaw/LibRaw/commit/c243f4539233053466c1309bde606815351bee81 (0.20-RC2)

Связанные уязвимости

CVE-2020-35535

CVSS3: 5.5

ubuntu

больше 3 лет назад

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

CVE-2020-35535

CVSS3: 5.5

redhat

больше 5 лет назад

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

CVE-2020-35535

CVSS3: 5.5

nvd

больше 3 лет назад

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

GHSA-6rcc-x427-r87m

CVSS3: 5.5

github

больше 3 лет назад

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.