CVE-2018-25017

2021-07-0103:15:07

Google

osv.dev

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.8%

RawSpeed (aka librawspeed) 3.1 has a heap-based buffer overflow in TableLookUp::setTable.

CPENameOperatorVersion
rawspeedeq1.0
rawspeedeq3.1
rawspeedeq3.0

Name	Operator	Version
rawspeed	eq	1.0
rawspeed	eq	3.1
rawspeed	eq	3.0

References

bugs.chromium.org/p/oss-fuzz/issues/detail?id=5256

github.com/darktable-org/rawspeed/commit/dbe7591e54bad5e6430d38be6bed051582da76b9

github.com/google/oss-fuzz-vulns/blob/main/vulns/librawspeed/OSV-2018-227.yaml