Libraw Luki w zabezpieczeniach

Oś czasu

Wersja

0.18.024
0.18.124
0.18.221
0.18.319
0.18.418

Przeciwdziałanie

Official Fix47
Temporary Fix0
Workaround0
Unavailable0
Not Defined1

Wykorzystywanie

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined48

Wektor dostępu

Not Defined0
Physical0
Local3
Adjacent1
Network44

Uwierzytelnianie

Not Defined0
High0
Low1
None47

Interakcja z użytkownikiem

Not Defined0
Required36
None12

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤55
≤616
≤78
≤813
≤96
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤55
≤616
≤710
≤812
≤95
≤100

VulDB

≤10
≤20
≤30
≤40
≤517
≤66
≤716
≤88
≤90
≤101

NVD

≤10
≤20
≤30
≤40
≤50
≤67
≤714
≤87
≤911
≤105

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Sprzedawca

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k15
<2k12
<5k21
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj dzisiaj

<1k48
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Versions (52): 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9, 0.10, 0.11, 0.12, 0.13, 0.13.1, 0.13.2, 0.13.3, 0.13.4, 0.13.5, 0.13.6, 0.13.7, 0.13.8, 0.14, 0.14.1, 0.14.2, 0.14.3, 0.14.4, 0.14.5, 0.14.6, 0.14.7, 0.15, 0.15.1, 0.15.2, 0.15.3, 0.16, 0.17, 0.18, 0.18.1, 0.18.2, 0.18.3, 0.18.4, 0.18.5, 0.18.6, 0.18.7, 0.18.8, 0.18.9, 0.18.11, 0.19, 0.19.1, 0.20, 0.20-Beta2, 19.0, 20.0

Typ oprogramowania: Image Processing Software

OpublikowanoBaseTempSłaby punkt0dayDzisiajWykPrzCTICVE
2022-09-024.94.8LibRaw srf File sony.cpp parseSonySRF information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-35535
2022-09-024.94.8LibRaw cr3 File crx.cpp crxFreeSubbandData denial of service$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2020-35534
2022-09-024.94.8LibRaw x3f_utils_patched.cpp simple_decode_row information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2020-35532
2022-09-024.94.8LibRaw Image File x3f_utils_patched.cpp get_huffman_diff information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-35531
2022-09-025.95.8LibRaw X3F File x3f_utils_patched.cpp new_node memory corruption$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-35530
2022-09-024.94.8LibRaw Image File dng.cpp adobe_copy_pixel information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-35533
2021-06-025.55.3LibRaw identify.cpp identify_process_dng_fields memory corruption$0-$5k$0-$5kNot DefinedOfficial Fix0.07CVE-2020-24870
2020-09-165.45.4LibRaw tiff.cpp parse_tiff_ifd denial of service$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-24890
2020-09-166.56.3LibRaw normalize_model.cpp GetNormalizedModel memory corruption$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2020-24889
2020-07-027.47.1LibRaw unpack_thumb.cpp privilege escalation$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-15503

38 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 38 results.

PoprzedniPrzeglądKolejny

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!