Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-1734-1:0E29D
HistoryMar 28, 2019 - 9:22 p.m.

[SECURITY] [DLA 1734-1] libraw security update

2019-03-2821:22:30
lists.debian.org
93

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON

Package : libraw
Version : 0.16.0-9+deb8u4
CVE ID : CVE-2018-5800 CVE-2018-5801 CVE-2018-5802 CVE-2018-5808
CVE-2018-5817 CVE-2018-5818 CVE-2018-5819

Secunia Research has discovered multiple vulnerabilities in libraw, a
raw image decoder library, which can be exploited to cause a Denial of
Service.

The issues contain divisions by zero, out-of-bounds read memory access,
heap-based buffer overflows and NULL pointer dereferences.

For Debian 8 "Jessie", these problems have been fixed in version
0.16.0-9+deb8u4.

We recommend that you upgrade your libraw packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian9i386libraw-dev< 0.17.2-6+deb9u2libraw-dev_0.17.2-6+deb9u2_i386.deb
Debian8amd64libraw-dev< 0.16.0-9+deb8u4libraw-dev_0.16.0-9+deb8u4_amd64.deb
Debian8i386libraw-dev< 0.16.0-9+deb8u4libraw-dev_0.16.0-9+deb8u4_i386.deb
Debian9amd64libraw15< 0.17.2-6+deb9u2libraw15_0.17.2-6+deb9u2_amd64.deb
Debian8armellibraw10< 0.16.0-9+deb8u4libraw10_0.16.0-9+deb8u4_armel.deb
Debian9armellibraw15< 0.17.2-6+deb9u2libraw15_0.17.2-6+deb9u2_armel.deb
Debian9alllibraw-doc< 0.17.2-6+deb9u2libraw-doc_0.17.2-6+deb9u2_all.deb
Debian9i386libraw-bin< 0.17.2-6+deb9u2libraw-bin_0.17.2-6+deb9u2_i386.deb
Debian9amd64libraw-bin< 0.17.2-6+deb9u2libraw-bin_0.17.2-6+deb9u2_amd64.deb
Debian8armhflibraw-dev< 0.16.0-9+deb8u4libraw-dev_0.16.0-9+deb8u4_armhf.deb
Rows per page:
1-10 of 311

Related

nessus 25
osv 8
openvas 9
zdt 1
ubuntucve 7
freebsd 1
centos 1
ubuntu 2
redhat 1
oraclelinux 1
suse 3
debian 1
redhatcve 7
debiancve 7
cve 7
veracode 7
alpinelinux 3
prion 7
fedora 2
mageia 1
nessus
nessus
Debian DLA-1734-1 : libraw security update
2019-03-29 00:00:00
openSUSE Security Update : libraw (openSUSE-2018-281)
2018-03-19 00:00:00
FreeBSD : libraw -- multiple DoS vulnerabilities (6f0b0cbf-1274-11e8-8b5b-4ccc6adda413)
2018-02-16 00:00:00
osv
osv
libraw - security update
2019-03-28 00:00:00
libraw - security update
2022-01-29 00:00:00
CVE-2018-5808
2018-12-07 22:29:01
openvas
openvas
Debian: Security Advisory (DLA-1734-1)
2019-04-02 00:00:00
Ubuntu: Security Advisory (USN-3615-1)
2018-04-04 00:00:00
openSUSE: Security Advisory for libraw (openSUSE-SU-2019:0094-1)
2019-01-30 00:00:00
zdt
zdt
LibRaw 0.18.7 Denial Of Service Vulnerability
2018-02-01 00:00:00
ubuntucve
ubuntucve
CVE-2018-5819
2019-02-20 00:00:00
CVE-2018-5818
2019-02-20 00:00:00
CVE-2018-5808
2018-12-07 00:00:00
freebsd
freebsd
libraw -- multiple DoS vulnerabilities
2018-01-16 00:00:00
centos
centos
libkdcraw security update
2018-11-15 18:48:45
ubuntu
ubuntu
LibRaw vulnerabilities
2018-04-03 00:00:00
LibRaw vulnerabilities
2019-05-21 00:00:00
redhat
redhat
(RHSA-2018:3065) Moderate: libkdcraw security update
2018-10-30 04:15:19
oraclelinux
oraclelinux
libkdcraw security update
2018-11-05 00:00:00
suse
suse
Security update for libraw (moderate)
2019-01-29 00:00:00
Security update for libraw (moderate)
2018-12-29 00:15:57
Security update for dcraw (moderate)
2022-04-20 00:00:00
debian
debian
[SECURITY] [DLA 2903-1] libraw security update
2022-01-29 13:18:14
redhatcve
redhatcve
CVE-2018-5808
2018-12-21 13:20:11
CVE-2018-5800
2020-04-01 13:56:02
CVE-2018-5819
2018-12-21 18:20:53
debiancve
debiancve
CVE-2018-5808
2018-12-07 22:29:00
CVE-2018-5800
2018-12-07 22:29:00
CVE-2018-5818
2019-02-20 18:29:00
cve
cve
CVE-2018-5808
2018-12-07 22:29:00
CVE-2018-5818
2019-02-20 18:29:00
CVE-2018-5801
2018-12-07 22:29:00
veracode
veracode
Arbitrary Code Execution
2018-12-10 01:43:34
Denial Of Service (DoS)
2018-07-18 08:13:06
Denial Of Service (DoS)
2019-01-03 02:10:43
alpinelinux
alpinelinux
CVE-2018-5818
2019-02-20 18:29:00
CVE-2018-5819
2019-02-20 18:29:00
CVE-2018-5817
2019-02-20 18:29:00
prion
prion
Design/Logic Flaw
2019-02-20 18:29:00
Stack overflow
2018-12-07 22:29:00
Heap overflow
2018-12-07 22:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: dcraw-9.28.0-1.fc28
2018-06-28 14:10:13
[SECURITY] Fedora 27 Update: dcraw-9.28.0-1.fc27
2018-07-25 18:45:12
mageia
mageia
Updated dcraw packages fix security vulnerability
2019-01-06 19:41:22

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for DEBIAN:DLA-1734-1:0E29D
nessus25osv8openvas9zdt1ubuntucve7freebsd1centos1ubuntu2redhat1oraclelinux1suse3debian1redhatcve7debiancve7cve7veracode7alpinelinux3prion7fedora2mageia1