Search CVE reports

41 – 50 of 59 results

Detailed view

Sort by:

CVE-2018-10529

Medium priority

Some fixes available 17 of 107

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.

8 affected packages

libraw, ufraw, xbmc, darktable, dcraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libraw	Fixed	Fixed	Fixed	Fixed
ufraw	Not in release	Not in release	Not in release	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-10528

Medium priority

Some fixes available 17 of 107

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.

8 affected packages

kodi, rawtherapee, xbmc, libraw, ufraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
libraw	Fixed	Fixed	Fixed	Fixed
ufraw	Not in release	Not in release	Not in release	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow.

1 affected package

libraw

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libraw	—	—	—	—

CVE-2017-6889

Medium priority

Not affected

An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.

1 affected package

libraw

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libraw	—	—	—	—

CVE-2017-6887

Low priority

Some fixes available 3 of 113

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100"...

12 affected packages

dcraw, darktable, exactimage, kodi, rawtherapee...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Vulnerable
flphoto	Not in release	Not in release	Not in release	Not in release
freeimage	Not affected	Not affected	Not affected	Not affected
graphicsmagick	Not affected	Not affected	Not affected	Not affected
rawstudio	Not in release	Not in release	Not in release	Not in release
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-6886

Low priority

Some fixes available 3 of 113

An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.

12 affected packages

darktable, flphoto, dcraw, exactimage, kodi...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
flphoto	Not in release	Not in release	Not in release	Not in release
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
rawstudio	Not in release	Not in release	Not in release	Not in release
freeimage	Not affected	Not affected	Not affected	Not affected
graphicsmagick	Not affected	Not affected	Not affected	Not affected
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-16910

Low priority

Some fixes available 3 of 87

An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition.

8 affected packages

darktable, dcraw, exactimage, rawtherapee, libraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
dcraw	Vulnerable	Vulnerable	Vulnerable	Vulnerable
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
rawtherapee	Vulnerable	Vulnerable	Vulnerable	Vulnerable
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Vulnerable
kodi	Needs evaluation	Not affected	Not affected	Not affected
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-16909

Low priority

Some fixes available 3 of 100

An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

8 affected packages

darktable, rawtherapee, libraw, ufraw, xbmc...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2017-14608

Medium priority

Some fixes available 4 of 100

In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive...

8 affected packages

kodi, darktable, dcraw, libraw, ufraw...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release

CVE-2017-14348

Medium priority

Some fixes available 3 of 99

LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.

8 affected packages

darktable, dcraw, exactimage, kodi, rawtherapee...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
darktable	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
dcraw	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
exactimage	Vulnerable	Vulnerable	Vulnerable	Vulnerable
kodi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
rawtherapee	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xbmc	Not in release	Not in release	Not in release	Not in release
libraw	Not affected	Not affected	Not affected	Not affected
ufraw	Not in release	Not in release	Not in release	Needs evaluation

Export to JSON

Results by page: