Libraw Libraw 0.20.0 Release Candidate 2

CPE Details

Libraw Libraw 0.20.0 Release Candidate 2
0.20.0
2022-09-06
14h22 +00:00
2022-11-04
17h44 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:libraw:libraw:0.20.0:rc2:*:*:*:*:*:*

Informations

Vendor

libraw

Product

libraw

Version

0.20.0

Update

rc2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-1729 2023-05-14 22h00 +00:00 A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
6.5
Moyen
CVE-2021-32142 2023-02-17 00h00 +00:00 Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
7.8
Haute
CVE-2020-35533 2022-09-01 15h54 +00:00 In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
5.5
Moyen
CVE-2020-35534 2022-09-01 15h54 +00:00 In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
5.5
Moyen
CVE-2020-35535 2022-09-01 15h54 +00:00 In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.
5.5
Moyen
CVE-2020-35530 2022-09-01 15h52 +00:00 In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
5.5
Moyen
CVE-2020-35531 2022-09-01 15h52 +00:00 In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
5.5
Moyen
CVE-2020-35532 2022-09-01 15h51 +00:00 In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
5.5
Moyen
CVE-2020-24870 2021-06-02 13h32 +00:00 Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
8.8
Haute
CVE-2020-24890 2020-09-16 12h39 +00:00 libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
5.5
Moyen