Lucene search
Ubuntu.comUB:CVE-2020-22628HistoryAug 22, 2023 - 12:00 a.m.
CVE-2020-22628
2023-08-2200:00:00
ubuntu.com
ubuntu.com
7
cve-2020-22628
libraw
buffer overflow
stretch function
aspect_ratio.cpp
dcraw
dcraw.c
dcraw_common.cpp
unix
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0005 Low
EPSS
Percentile
17.1%
Buffer Overflow vulnerability in LibRaw::stretch() function in
libraw\src\postprocessing\aspect_ratio.cpp.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | In focal, code is in dcraw/dcraw.c and internal/dcraw_common.cpp. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | darktable | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | dcraw | < any | UNKNOWN |
Related
ubuntu
ubuntu
LibRaw vulnerability
2023-09-18 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3560-1)
2023-09-11 00:00:00
Ubuntu: Security Advisory (USN-6377-1)
2023-09-19 00:00:00
openSUSE: Security Advisory for libraw (SUSE-SU-2023:3966-1)
2024-03-04 00:00:00
nvd
nvd
CVE-2020-22628
2023-08-22 19:16:19
osv
osv
libraw - security update
2023-09-10 00:00:00
libraw vulnerability
2023-09-18 13:15:50
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libraw (SUSE-SU-2023:3966-1)
2023-10-05 00:00:00
Debian DLA-3560-1 : libraw - LTS security update
2023-09-10 00:00:00
prion
prion
Buffer overflow
2023-08-22 19:16:00
alpinelinux
alpinelinux
CVE-2020-22628
2023-08-22 19:16:19
debian
debian
[SECURITY] [DLA 3560-1] libraw security update
2023-09-10 14:19:45
debiancve
debiancve
CVE-2020-22628
2023-08-22 19:16:19
redhatcve
redhatcve
CVE-2020-22628
2023-08-28 15:48:35
cve
cve
CVE-2020-22628
2023-08-22 19:16:19
cvelist
cvelist
CVE-2020-22628
2023-08-22 00:00:00
amazon
amazon
Medium: LibRaw
2023-09-13 23:44:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0005 Low
EPSS
Percentile
17.1%
Related for UB:CVE-2020-22628