CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-22628 – Ubuntu Security Notice USN-6377-1
https://notcve.org/view.php?id=CVE-2020-22628
22 Aug 2023 — Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp. Vulnerabilidad de desbordamiento de búfer en la función LibRaw::stretch() en libraw\src\postprocessing\aspect_ratio.cpp. Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. • https://github.com/LibRaw/LibRaw/issues/269 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-1729 – LibRaw: a heap-buffer-overflow in raw2image_ex()
https://notcve.org/view.php?id=CVE-2023-1729
15 May 2023 — A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. • https://bugzilla.redhat.com/show_bug.cgi?id=2188240 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-24870 – LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp
https://notcve.org/view.php?id=CVE-2020-24870
02 Jun 2021 — Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp. Libraw versiones anteriores a 0.20.1, tiene un desbordamiento del búfer de lapila por medio de la función LibRaw::identify_process_dng_fields en el archivo identify.cpp A stack buffer overflow vulnerability was found in LibRaw. This flaw allows a malicious user to send a crafted image that, when parsed by an application linked to LibRaw, leads to a denial of service or potential code execution. GNOME is... • https://github.com/LibRaw/LibRaw/commit/4feaed4dea636cee4fee010f615881ccf76a096d • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-24889 – Gentoo Linux Security Advisory 202010-05
https://notcve.org/view.php?id=CVE-2020-24889
16 Sep 2020 — A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution. Una vulnerabilidad de desbordamiento de búfer en LibRaw versiones anteriores a 20.0, la función LibRaw::GetNormalizedModel en el archivo src/metadata/normalize_model.cpp puede conllevar a una ejecución de código arbitraria dependiendo del contexto Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attacke... • https://github.com/LibRaw/LibRaw/issues/334 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-15503 – LibRaw: lack of thumbnail size range check can lead to buffer overflow
https://notcve.org/view.php?id=CVE-2020-15503
02 Jul 2020 — LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. LibRaw versiones anteriores a 0.20-RC1, carece de una comprobación de rango de tamaño de miniaturas. Esto afecta a los archivos decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, y utils/thumb_utils.cpp. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00075.html • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20363
https://notcve.org/view.php?id=CVE-2018-20363
22 Dec 2018 — LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. LibRaw::raw2image en libraw_cxx.cpp en LibRaw 0.19.1 tiene una desreferencia de puntero NULL. • http://www.securityfocus.com/bid/106299 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20364
https://notcve.org/view.php?id=CVE-2018-20364
22 Dec 2018 — LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. LibRaw::copy_bayer en libraw_cxx.cpp en LibRaw 0.19.1 tiene una desreferencia de puntero NULL. • http://www.securityfocus.com/bid/106299 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 1CVE-2018-20365
https://notcve.org/view.php?id=CVE-2018-20365
22 Dec 2018 — LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. LibRaw::raw2image() en libraw_cxx.cpp tiene un desbordamiento de búfer basado en memoria dinámica (heap). • http://www.securityfocus.com/bid/106299 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2018-5817 – Ubuntu Security Notice USN-3989-1
https://notcve.org/view.php?id=CVE-2018-5817
18 Dec 2018 — A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. Un error de confusión de tipos en la función "unpacked_load_raw()" en LibRaw, en versiones anteriores a la 0.19.1 (internal/dcraw_common.cpp), puede ser explotado para desencadenar un bucle infinito. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial ... • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5818 – LibRaw 0.19.0 Denial of Service
https://notcve.org/view.php?id=CVE-2018-5818
18 Dec 2018 — An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop. Un error en la función "parse_rollei()" (internal/dcraw_common.cpp), en las versiones de LibRaw anteriores a la 0.19.1, podría explotarse para desencadenar un bucle infinito. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). A type confusion error within t... • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •