Описание
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
Ссылки
- Issue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.21.2 (исключая)
cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00063
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-119
CWE-787
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 2 лет назад
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
CVSS3: 3.3
redhat
больше 2 лет назад
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
CVSS3: 6.5
debian
больше 2 лет назад
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() c ...
EPSS
Процентиль: 20%
0.00063
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-119
CWE-787