CVE-2018-20365
https://notcve.org/view.php?id=CVE-2018-20365
LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. LibRaw::raw2image() en libraw_cxx.cpp tiene un desbordamiento de búfer basado en memoria dinámica (heap). • http://www.securityfocus.com/bid/106299 https://github.com/LibRaw/LibRaw/issues/195 https://usn.ubuntu.com/3989-1 • CWE-787: Out-of-bounds Write •
CVE-2018-20364
https://notcve.org/view.php?id=CVE-2018-20364
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. LibRaw::copy_bayer en libraw_cxx.cpp en LibRaw 0.19.1 tiene una desreferencia de puntero NULL. • http://www.securityfocus.com/bid/106299 https://github.com/LibRaw/LibRaw/issues/194 https://usn.ubuntu.com/3989-1 • CWE-476: NULL Pointer Dereference •
CVE-2018-20363
https://notcve.org/view.php?id=CVE-2018-20363
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. LibRaw::raw2image en libraw_cxx.cpp en LibRaw 0.19.1 tiene una desreferencia de puntero NULL. • http://www.securityfocus.com/bid/106299 https://github.com/LibRaw/LibRaw/issues/193 https://usn.ubuntu.com/3989-1 • CWE-476: NULL Pointer Dereference •
CVE-2018-5818
https://notcve.org/view.php?id=CVE-2018-5818
An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop. Un error en la función "parse_rollei()" (internal/dcraw_common.cpp), en las versiones de LibRaw anteriores a la 0.19.1, podría explotarse para desencadenar un bucle infinito. • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/secunia_research/2018-27 https://usn.ubuntu.com/3989-1 https://www.libraw.org/news/libraw-0-19-2-release • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2018-5819
https://notcve.org/view.php?id=CVE-2018-5819
An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. Un error en la función "parse_sinar_ia()" (internal/dcraw_common.cpp), en las versiones de LibRaw anteriores a la 0.19.1, podría explotarse para agotar los recursos de la CPU disponibles. • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/secunia_research/2018-27 https://usn.ubuntu.com/3989-1 https://www.libraw.org/news/libraw-0-19-2-release • CWE-400: Uncontrolled Resource Consumption •