10 matches found
Amazon Linux 2 : dcraw, --advisory ALAS2-2025-3017 (ALAS-2025-3017)
The version of dcraw installed on the remote host is prior to 9.19-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3017 advisory. There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary...
Medium: dcraw
Issue Overview: There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system. CVE-2021-3624 Affected Packages: dcraw Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Medium: LibRaw
Issue Overview: There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system. CVE-2021-3624 Affected Packages: LibRaw Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Linux Distros Unpatched Vulnerability : CVE-2021-3624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in th...
RHEL 7 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dcraw: Stack-based buffer overflow in the findgreen function CVE-2018-19655 - dcraw: Buffer overflow caus...
SUSE-SU-2022:1749-1 Security update for dcraw
This update for dcraw fixes the following issues: - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. - CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service bsc1063798. - CVE-2018-19655: Fixed a...
SUSE-SU-2022:1277-1 Security update for dcraw
This update for dcraw fixes the following issues: - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception bsc1056170. - CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service bsc1063798. - CVE-2018-19655: Fixed a...
CVE-2021-3624
creationtimestamp| type| source ---|---|--- 2022-04-18 20:29:47+00:00| seen| https://t.me/cibsecurity/41046...
CVE-2021-3624
The CVE-2021-3624 issue is confirmed in connected sources as an integer overflow in dcraw that allows arbitrary code execution when processing crafted X3F images. Amazon Linux 2 advisories ALAS2-2025-3017 and ALAS2-2025-3016 link this to dcraw (and LibRaw) and specify patched packages: dcraw 9.19...
CVE-2021-3624
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system...