CVE-2018-19567

Опубликовано: 23 нояб. 2018

Источник: redhat

CVSS3: 3.3

EPSS Низкий

Описание

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	dcraw	Will not fix
Red Hat Enterprise Linux 6	dcraw	Will not fix
Red Hat Enterprise Linux 7	dcraw	Fix deferred
Red Hat Enterprise Linux 8	dcraw	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-369

https://bugzilla.redhat.com/show_bug.cgi?id=1656779dcraw: A floating point exception in parse_tiff_ifd resulting in a denial of service

EPSS

Процентиль: 38%

0.00165

Низкий

3.3 Low

CVSS3

Связанные уязвимости

CVE-2018-19567

CVSS3: 5.5

ubuntu

около 7 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

CVE-2018-19567

CVSS3: 5.5

nvd

около 7 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

CVE-2018-19567

CVSS3: 5.5

debian

около 7 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 cou ...

GHSA-9qgh-5hw9-p93q

CVSS3: 5.5

github

больше 3 лет назад

A floating point exception in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.

SUSE-SU-2022:1749-1

suse-cvrf

больше 3 лет назад

Security update for dcraw

EPSS

Процентиль: 38%

0.00165

Низкий

3.3 Low

CVSS3