Описание
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
Ссылки
- PatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:libraw:libraw:0.20.0:-:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.20.0:rc2:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.20.1:*:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.20.2:*:*:*:*:*:*:*
cpe:2.3:a:libraw:libraw:0.21.0:beta1:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00155
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-400
CWE-770
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 3 лет назад
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
CVSS3: 5.5
redhat
почти 6 лет назад
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
CVSS3: 5.5
debian
больше 3 лет назад
In LibRaw, there is a memory corruption vulnerability within the "crxF ...
CVSS3: 5.5
github
больше 3 лет назад
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
EPSS
Процентиль: 37%
0.00155
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-400
CWE-770