24 matches found
MGASA-2025-0316 Updated libraw, digikam & darktable packages fix security vulnerabilities
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. CVE-2025-43961 In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult...
[SECURITY] Fedora 41 Update: darktable-5.2.0-1.fc41
darktable manages your camera raw files and images in a database, lets you view them through lighttable mode and develop/enhance them in darkroom mode...
Fedora 41 : darktable (2025-b5b1634cd0)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b5b1634cd0 advisory. 5.2.0 release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
[SECURITY] Fedora 42 Update: darktable-5.2.0-1.fc42
darktable manages your camera raw files and images in a database, lets you view them through lighttable mode and develop/enhance them in darkroom mode...
Fedora 42 : darktable (2025-a2b4be7d9b)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a2b4be7d9b advisory. 5.2.0 release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
OPENSUSE-SU-2024:10478-1 darktable-2.0.7-1.1 on GA media
These are all security issues fixed in the darktable-2.0.7-1.1 package on the GA media of openSUSE Tumbleweed...
The vulnerability of the TableLookUp::setTable function in the RawSpeed library of the Darktable application allows a hacker to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the TableLookUp::setTable function in the RawSpeed library of the Darktable application relates to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
Mageia: Security Advisory (MGASA-2014-0050)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2013-0223)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0222)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0222 Updated darktable packages fix CVE-2015-3885
Updated darktable package fixes security vulnerability The dcraw tool bundled in darktable's libraw copy suffers from an integer overflow condition which leads to a buffer overflow. A maliciously crafted raw image file can be used to trigger the vulnerability, causing a Denial of Service conditio...
Updated darktable packages fix CVE-2015-3885
Updated darktable package fixes security vulnerability The dcraw tool bundled in darktable's libraw copy suffers from an integer overflow condition which leads to a buffer overflow. A maliciously crafted raw image file can be used to trigger the vulnerability, causing a Denial of Service conditio...
openSUSE Security Update : darktable (openSUSE-SU-2013:1083-1)
This update of darktable fixes a problem inside the embedded libraw version. - Fix for CVE-2013-2126 - added backported patch from git master 0001-fixed-error-handling-for-broken-full-color-images.p atch fixes bnc823114- %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
Updated darktable package fixes two vulnerabilities
Updated darktable package fixes security vulnerabilities: Darktable before version 1.2.3 contains an embedded copy of LibRaw that incorrectly handled photo files. If a user was tricked into processing a specially crafted photo file, darktable could be made to crash, resulting in a denial of servi...
MGASA-2014-0050 Updated darktable package fixes two vulnerabilities
Updated darktable package fixes security vulnerabilities: Darktable before version 1.2.3 contains an embedded copy of LibRaw that incorrectly handled photo files. If a user was tricked into processing a specially crafted photo file, darktable could be made to crash, resulting in a denial of servi...
Fedora 18 : LibRaw-0.14.8-3.fc18.20120830git98d925 (2013-15576)
Raphael Geissert reported two denial of service flaws in LibRaw 1 : CVE-2013-1438 : Specially crafted photo files may trigger a division by zero, an infinite loop, or a NULL pointer dereference in libraw leading to denial of service in applications using the library. These vulnerabilities appear ...
CVE-2013-2127
Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors...
Updated darktable package fixes security vulnerability
A double-free error exits when handling damaged full-color within Foveon and sRAW files in libraw, which is embedded in darktable CVE-2013-2126...
MGASA-2013-0223 Updated darktable package fixes security vulnerability
A double-free error exits when handling damaged full-color within Foveon and sRAW files in libraw, which is embedded in darktable CVE-2013-2126...
CVE-2013-2126
Multiple double free vulnerabilities in the LibRaw::unpack function in librawcxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code via a malformed full-color 1 Foveon or 2 sRAW image file...