Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
605
VMScore

CVE-2018-20337

Published: 21/12/2018 Updated: 24/08/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

It exists that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

libraw libraw 0.19.1

Vendor Advisories

Ubuntu Security Notice: libraw vulnerabilities
Several security issues were fixed in LibRaw ...
Debian CVElist Bug Report Logs: libraw: CVE-2018-20337
Debian Bug report logs - #917080 libraw: CVE-2018-20337 Package: src:libraw; Maintainer for src:libraw is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 22 Dec 2018 09:51:01 UTC Severity: important Tags: fixed-upstream, se ...
Red Hat: Moderate: GNOME security, bug fix, and enhancement update
Synopsis Moderate: GNOME security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for GNOME is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Important: Container-native Virtualization security, bug fix, and enhancement update
Synopsis Important: Container-native Virtualization security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 240 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Securi ...
Red Hat: Moderate: OpenShift Container Platform 4.6.1 image security update
Synopsis Moderate: OpenShift Container Platform 461 image security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
Red Hat: CVE-2018-20337
There is a stack-based buffer overflow in the parse_makernote function of dcraw_commoncpp in LibRaw 0191 Crafted input will lead to a denial of service or possibly unspecified other impact ...

References

CWE-787https://github.com/LibRaw/LibRaw/issues/192https://usn.ubuntu.com/3989-1/https://usn.ubuntu.com/3989-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842CVE-2024-30657CVE-2024-4534hardcodedSSRFCVE-2024-21683CVE-2024-5364file uploadCVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook