FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
6f0b0cbf-1274-11e8-8b5b-4ccc6adda413	libraw -- multiple DoS vulnerabilities Secunia Research reports: CVE-2018-5800: An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. CVE-2017-5801: An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference. CVE-2017-5802: An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Discovery 2018-01-16 Entry 2018-02-15 libraw < 0.18.7 https://www.securityfocus.com/archive/1/541732 CVE-2018-5800 CVE-2018-5801 CVE-2018-5802

VuXML ID

Description

6f0b0cbf-1274-11e8-8b5b-4ccc6adda413

libraw -- multiple DoS vulnerabilities

Secunia Research reports:

CVE-2018-5800: An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

CVE-2017-5801: An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference.

CVE-2017-5802: An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

Discovery 2018-01-16
Entry 2018-02-15
libraw

< 0.18.7

https://www.securityfocus.com/archive/1/541732
CVE-2018-5800
CVE-2018-5801
CVE-2018-5802