Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-24870

Опубликовано: 02 июн. 2021
Источник: ubuntu
Приоритет: medium
CVSS2: 6.8
CVSS3: 8.8

Описание

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

code not present
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
groovy

not-affected

code not present
hirsute

not-affected

code not present
impish

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-24870

CVSS3: 8.1
redhat
больше 5 лет назад

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

nvd логотип

CVE-2020-24870

CVSS3: 8.8
nvd
больше 4 лет назад

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

debian логотип

CVE-2020-24870

CVSS3: 8.8
debian
больше 4 лет назад

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_ ...

github логотип

GHSA-p736-65cp-9pj8

CVSS3: 8.8
github
больше 3 лет назад

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

fstec логотип

BDU:2021-04597

CVSS3: 8.8
fstec
больше 5 лет назад

Уязвимость функции LibRaw::identify_process_dng_fields компонента identify.cpp библиотеки для обработки изображений LibRaw, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

6.8 Medium

CVSS2

8.8 High

CVSS3