
23 matches found

Tenable Nessus
added 2026/04/27 12:0 a.m. | 1 views

Fedora 44 : mingw-LibRaw (2026-a436c41faf)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a436c41faf advisory. Update to libraw-0.22.1. ---- Backport fixes for CVE-2026-5318 and CVE-2026-5342. Tenable has extracted the preceding description block directly fro...

CVSS 9.8 | AI score 6.1 | EPSS 0.00078
Exploits 3 | References 4
Github Security Blog
added 2026/04/20 12:32 p.m. | 5 views

Memos has an Incorrect Privilege Assignment issue

A weakness has been identified in usememos memos up to 0.22.1. This affects the function memosaccesstoken of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be...

CVSS 6.5 | AI score 6.2 | EPSS 0.00014
Exploits 0 | References 6 | Affected Software 1
OPENSUSE Linux
added 2026/04/17 12:0 a.m. | 2 views

libraw-devel-0.22.1-1.1 on GA media (moderate)

libraw-devel-0.22.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10565-1 Rating: moderate Cross-References: CVE-2026-20884 CVE-2026-20889 CVE-2026-20911 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 CVE-2026-5342 CVSS scores: CVE-2026-20884 SUSE : 8.1...

CVSS 9.2 | AI score 5.8 | EPSS 0.00078
Exploits 7
Snyk
added 2026/04/07 6:14 p.m. | 2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the deflatedngloadraw process. An attacker can cause a heap buffer overflow by supplying a specially crafted file. Remediation Upgrade libraw to version 0.22.1 or higher. References - GitHub Commit -...

CVSS 9.8 | AI score 6 | EPSS 0.00078
Exploits 1 | References 2
Snyk
added 2026/04/07 4:15 p.m. | 1 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the x3fthumbloader process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted file. Remediation Upgrade libraw to version 0.22.1 or higher. References ...

CVSS 9.8 | AI score 6.1 | EPSS 0.00078
Exploits 1 | References 2
EUVD
added 2026/04/02 3:31 p.m. | 1 views

EUVD-2026-18344

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the...

CVSS 6.9 | AI score 5.5 | EPSS 0.00058
Exploits 1 | References 9
NVD
added 2026/04/02 3:16 p.m. | 0 views

CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the...

CVSS 6.9 | EPSS 0.00058
Exploits 1 | References 9
OSV
added 2026/04/02 3:16 p.m. | 1 views

UBUNTU-CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the...

CVSS 6.9 | AI score 5.4 | EPSS 0.00058
Exploits 1 | References 3
Cvelist
added 2026/04/02 2:30 p.m. | 18 views

CVE-2026-5342 LibRaw TIFF/NEF decoders_libraw.cpp nikon_load_padded_packed_raw out-of-bounds

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the...

CVSS 6.9 | EPSS 0.00058
Exploits 1 | References 9
AlpineLinux
added 2026/04/02 2:30 p.m. | 2 views

CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the...

CVSS 6.9 | AI score 5.1 | EPSS 0.00058
Exploits 1 | References 9
ATTACKERKB
added 2026/04/02 2:30 p.m. | 3 views

CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the...

CVSS 6.9 | AI score 5.7 | EPSS 0.00058
Exploits 1 | References 8
Snyk
added 2026/04/02 4:24 a.m. | 2 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the initval function of the JPEG DHT Parser component when processing the bits argument. An attacker can cause a denial of service by supplying a specially crafted JPEG file that triggers an out-of-bounds write...

CVSS 6.5 | AI score 5.9 | EPSS 0.00075
Exploits 1 | References 2
UbuntuCve
added 2026/04/02 3:16 a.m. | 0 views

CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3 | AI score 5.5 | EPSS 0.00075
Exploits 1 | References 9
OSV
added 2026/04/02 3:16 a.m. | 0 views

UBUNTU-CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3 | AI score 5.4 | EPSS 0.00075
Exploits 1 | References 10
CVE
added 2026/04/02 1:45 a.m. | 6 views

CVE-2026-5318

LibRaw is affected up to 0.22.0. The vulnerability resides in HuffTable::initval (src/decompressors/losslessjpeg.cpp) where manipulation of bits[] can trigger an out-of-bounds write. An attacker could potentially exploit this remotely, and a public exploit has been made available. The fix is the ...

CVSS 5.3 | AI score 5.5 | EPSS 0.00075
Exploits 1 | References 9 | Affected Software 1
OSV
added 2026/02/11 12:0 a.m. | 1 views

OPENSUSE-SU-2026:10175-1 cargo-audit-0.22.1~git0.efcde93-2.1 on GA media

These are all security issues fixed in the cargo-audit-0.22.1~git0.efcde93-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 6.8 | AI score 5.8 | EPSS 0.00016
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 8:43 p.m. | 2 views

CVE-2021-39531

An issue was discovered in libslax through v0.22.1. slaxLexer in slaxlexer.c has a stack-based buffer overflow...

CVSS 8.8 | AI score 7.5 | EPSS 0.00412
Exploits 1 | References 1
NVD
added 2023/12/09 12:15 a.m. | 8 views

CVE-2023-49800

nuxt-api-party is an open source module to proxy API requests. The library allows the user to send many options directly to ofetch. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directl...

CVSS 7.5 | EPSS 0.01121
Exploits 1 | References 1
Cvelist
added 2023/12/08 11:45 p.m. | 13 views

CVE-2023-49799 Server-Side Request Forgery in nuxt-api-party

nuxt-api-party is an open source module to proxy API requests. nuxt-api-party attempts to check if the user has passed an absolute URL to prevent the aforementioned attack. This has been recently changed to use the regular expression ^https?://, however this regular expression can be bypassed by ...

CVSS 7.5 | AI score 7.7 | EPSS 0.01441
Exploits 1 | References 5
OSV
added 2023/12/08 11:45 p.m. | 3 views

CVE-2023-49799 Server-Side Request Forgery in nuxt-api-party

nuxt-api-party is an open source module to proxy API requests. nuxt-api-party attempts to check if the user has passed an absolute URL to prevent the aforementioned attack. This has been recently changed to use the regular expression ^https?://, however this regular expression can be bypassed by ...

CVSS 7.5 | AI score 7.4 | EPSS 0.01441
Exploits 1 | References 7