CVE-2018-19567

Опубликовано: 26 нояб. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

Ссылки

https://seclists.org/oss-sec/2018/q4/165
Mailing List
Third Party Advisory
https://seclists.org/oss-sec/2018/q4/171
Mailing List
Third Party Advisory
https://seclists.org/oss-sec/2018/q4/165
Mailing List
Third Party Advisory
https://seclists.org/oss-sec/2018/q4/171
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dcraw_project:dcraw:*:*:*:*:*:*:*:*

Версия до 9.28 (включая)

EPSS

Процентиль: 38%

0.00165

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2018-19567

CVSS3: 5.5

ubuntu

около 7 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

CVE-2018-19567

CVSS3: 3.3

redhat

около 7 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

CVE-2018-19567

CVSS3: 5.5

debian

около 7 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ...

GHSA-9qgh-5hw9-p93q

CVSS3: 5.5

github

больше 3 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

SUSE-SU-2022:1749-1

suse-cvrf

больше 3 лет назад

Security update for dcraw

EPSS

Процентиль: 38%

0.00165

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-119