CVE-2018-10528

Опубликовано: 29 апр. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.

Ссылки

https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3
Patch
Vendor Advisory
https://github.com/LibRaw/LibRaw/issues/144
Third Party Advisory
https://usn.ubuntu.com/3639-1/
Third Party Advisory
https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3
Patch
Vendor Advisory
https://github.com/LibRaw/LibRaw/issues/144
Third Party Advisory
https://usn.ubuntu.com/3639-1/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Конфигурация 2

cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.0194

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-10528

CVSS3: 8.8

ubuntu

почти 8 лет назад

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.

CVE-2018-10528

CVSS3: 5.3

redhat

почти 8 лет назад

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.

CVE-2018-10528

CVSS3: 8.8

debian

почти 8 лет назад

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffe ...

GHSA-wqh9-39m5-8c9r

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.

openSUSE-SU-2018:1138-1

suse-cvrf

почти 8 лет назад

Security update for libraw

EPSS

Процентиль: 83%

0.0194

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787