CVE-2021-32142

Опубликовано: 17 фев. 2023

Источник: redhat

CVSS3: 5.3

EPSS Низкий

Описание

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.

A flaw was found in the LibRaw package. A stack buffer overflow in the LibRaw_buffer_datastream::gets() function in src/libraw_datastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121->CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=2172004LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp

EPSS

Процентиль: 4%

0.0002

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2021-32142

CVSS3: 7.8

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.

CVE-2021-32142

CVSS3: 7.8

nvd

больше 2 лет назад

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.

CVE-2021-32142

CVSS3: 7.8

msrc

6 месяцев назад

Описание отсутствует

CVE-2021-32142

CVSS3: 7.8

debian

больше 2 лет назад

Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows atta ...

SUSE-SU-2023:0512-1

suse-cvrf

больше 2 лет назад

Security update for libraw

EPSS

Процентиль: 4%

0.0002

Низкий

5.3 Medium

CVSS3