CVE-2020-15365

Опубликовано: 28 июн. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

Ссылки

https://github.com/LibRaw/LibRaw/compare/0.20-Beta2...0.20-Beta3
Third Party Advisory
https://github.com/LibRaw/LibRaw/issues/301
Exploit
Third Party Advisory
https://github.com/LibRaw/LibRaw/compare/0.20-Beta2...0.20-Beta3
Third Party Advisory
https://github.com/LibRaw/LibRaw/issues/301
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libraw:libraw:0.20:beta3:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00284

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

CVE-2020-15365

CVSS3: 6.5

ubuntu

больше 5 лет назад

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

CVE-2020-15365

CVSS3: 7.5

redhat

больше 5 лет назад

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

CVE-2020-15365

CVSS3: 6.5

debian

больше 5 лет назад

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...

GHSA-x3r5-4qvw-fphx

CVSS3: 6.5

github

больше 3 лет назад

LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

EPSS

Процентиль: 51%

0.00284

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-787