CVE-2020-15503

Опубликовано: 02 июл. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	released	0.18.8-1ubuntu0.4
devel	not-affected	0.20.2-2ubuntu2
eoan	ignored	end of life
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	0.18.8-1ubuntu0.4
esm-infra/focal	not-affected	0.19.5-1ubuntu1.1
esm-infra/xenial	needs-triage
focal	released	0.19.5-1ubuntu1.1
groovy	ignored	end of life
hirsute	ignored	end of life

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	DNE
eoan	DNE
esm-apps/bionic	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hirsute	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hirsute	DNE
impish	DNE
jammy	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 72%

0.0077

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-15503

CVSS3: 7.5

redhat

почти 5 лет назад

CVE-2020-15503

CVSS3: 7.5

nvd

почти 5 лет назад

CVE-2020-15503

CVSS3: 7.5

msrc

11 месяцев назад

Описание отсутствует

CVE-2020-15503

CVSS3: 7.5

debian

почти 5 лет назад

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...

openSUSE-SU-2020:1128-1

suse-cvrf

почти 5 лет назад

Security update for libraw

EPSS

Процентиль: 72%

0.0077

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2020-15503

Описание

Пакет darktable

Пакет dcraw

Пакет exactimage

Пакет kodi

Пакет libraw

Пакет rawtherapee

Пакет ufraw

Пакет xbmc

Ссылки на источники

Связанные уязвимости