Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libraw
(Libraw)| Repositories | https://github.com/LibRaw/LibRaw |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-09-12 | CVE-2017-14348 | LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file. | Libraw | 8.8 | ||
| 2017-09-11 | CVE-2017-14265 | A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack. | Libraw | 9.8 | ||
| 2017-08-29 | CVE-2017-13735 | There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. It will lead to a remote denial of service attack. | Libraw | 7.5 | ||
| 2013-08-14 | CVE-2013-2127 | Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | Libraw | N/A | ||
| 2013-08-14 | CVE-2013-2126 | Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file. | Ubuntu_linux, Libraw, Opensuse | N/A | ||
| 2013-09-16 | CVE-2013-1439 | The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file. | Libraw | N/A |