Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libraw libraw vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-20364
LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
Libraw Libraw
4.3
CVSSv2
CVE-2018-20363
LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.
Libraw Libraw
7.5
CVSSv2
CVE-2015-8367
The phase_one_correct function in Libraw prior to 0.17.1 allows malicious users to cause memory errors and possibly execute arbitrary code, related to memory object initialization.
Libraw Libraw
5
CVSSv2
CVE-2020-15503
LibRaw prior to 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.
Libraw Libraw 0.20
Libraw Libraw
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 10.0
NA
CVE-2021-32142
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows malicious user to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
Libraw Libraw 0.20.0
5
CVSSv2
CVE-2017-13735
There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack.
Libraw Libraw 0.18.2
2.6
CVSSv2
CVE-2020-24890
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
Libraw Libraw 0.20.0
6.8
CVSSv2
CVE-2018-20337
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.
Libraw Libraw 0.19.1
4.3
CVSSv2
CVE-2020-15365
LibRaw prior to 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.
Libraw Libraw 0.20
7.5
CVSSv2
CVE-2017-6889
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 prior to 0.18.2 can be exploited to cause a heap-based buffer overflow.
Libraw Libraw-demosaic-pack-gpl2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »