CPE-9F361FE0-7346-4FCC-93F8-55A0BEACC4D8 Detail

CPE Details

LibRaw 0.14.6

Vendor

libraw

Product

libraw

Version

0.14.6

Created

2013-09-25
16h34 +00:00

Modified

2013-09-25
16h39 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:libraw:libraw:0.14.6:::::::*

Informations

Vendor

libraw

Product

libraw

Version

0.14.6

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2020-22628	2023-08-21 22h00 +00:00	Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.	6.5	Medium
CVE-2023-1729	2023-05-14 22h00 +00:00	A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.	6.5	Medium
CVE-2020-24870	2021-06-02 13h32 +00:00	Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.	8.8	High
CVE-2020-24889	2020-09-16 12h55 +00:00	A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution.	7.8	High
CVE-2020-15503	2020-07-01 22h00 +00:00	LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.	7.5	High
CVE-2015-8366	2020-01-14 14h19 +00:00	Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes.	9.8	Critical
CVE-2015-8367	2020-01-14 14h19 +00:00	The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.	9.8	Critical
CVE-2018-5817	2019-02-20 18h00 +00:00	A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.	7.5	High
CVE-2018-5819	2019-02-20 18h00 +00:00	An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.	7.5	High
CVE-2018-5818	2019-02-20 17h00 +00:00	An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop.	7.5	High
CVE-2018-20363	2018-12-22 16h00 +00:00	LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.	6.5	Medium
CVE-2018-20364	2018-12-22 16h00 +00:00	LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.	6.5	Medium
CVE-2018-20365	2018-12-22 16h00 +00:00	LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.	6.5	Medium
CVE-2017-16909	2018-12-07 21h00 +00:00	An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.	8.8	High
CVE-2017-16910	2018-12-07 21h00 +00:00	An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.	6.5	Medium
CVE-2018-5800	2018-12-07 21h00 +00:00	An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.	6.5	Medium
CVE-2018-5801	2018-12-07 21h00 +00:00	An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference.	6.5	Medium
CVE-2018-5802	2018-12-07 21h00 +00:00	An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.	8.8	High
CVE-2018-5804	2018-12-07 21h00 +00:00	A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.	6.5	Medium
CVE-2018-5805	2018-12-07 21h00 +00:00	A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash.	8.8	High
CVE-2018-5806	2018-12-07 21h00 +00:00	An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.	6.5	Medium
CVE-2018-5807	2018-12-07 21h00 +00:00	An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.	8.8	High
CVE-2018-5808	2018-12-07 21h00 +00:00	An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.	8.8	High
CVE-2018-5809	2018-12-07 21h00 +00:00	An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code.	8.8	High
CVE-2018-5810	2018-12-07 21h00 +00:00	An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.	8.8	High
CVE-2018-5811	2018-12-07 21h00 +00:00	An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.	6.5	Medium
CVE-2018-5812	2018-12-07 21h00 +00:00	An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.	6.5	Medium
CVE-2018-5813	2018-12-07 21h00 +00:00	An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file.	6.5	Medium
CVE-2018-5815	2018-12-07 21h00 +00:00	An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.	6.5	Medium
CVE-2018-5816	2018-12-07 21h00 +00:00	An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804).	6.5	Medium
CVE-2017-14608	2017-09-20 15h00 +00:00	In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.	9.1	Critical
CVE-2017-14348	2017-09-12 17h00 +00:00	LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.	8.8	High
CVE-2017-14265	2017-09-11 07h00 +00:00	A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.	9.8	Critical
CVE-2017-6886	2017-05-16 13h00 +00:00	An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.	9.8	Critical
CVE-2017-6887	2017-05-16 13h00 +00:00	A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.	7.8	High
CVE-2013-1439	2013-09-16 17h00 +00:00	The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file.	4.3
CVE-2013-2126	2013-08-14 15h00 +00:00	Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.	7.5
CVE-2013-2127	2013-08-14 15h00 +00:00	Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.	7.5

LibRaw 0.14.6

CPE Details

CPE Name: cpe:2.3:a:libraw:libraw:0.14.6:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:libraw:libraw:0.14.6:::::::*