FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-22 18:21:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c60804f1-126f-11e8-8b5b-4ccc6adda413	libraw -- multiple DoS vulnerabilities Secunia Research reports: CVE-2017-16909: An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. CVE-2017-16910: An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) can be exploited to cause an invalid read memory access. Discovery 2017-12-04 Entry 2018-02-15 libraw < 0.18.6 https://www.securityfocus.com/archive/1/541583 CVE-2017-16909 CVE-2017-16910
6f0b0cbf-1274-11e8-8b5b-4ccc6adda413	libraw -- multiple DoS vulnerabilities Secunia Research reports: CVE-2018-5800: An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. CVE-2017-5801: An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference. CVE-2017-5802: An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Discovery 2018-01-16 Entry 2018-02-15 libraw < 0.18.7 https://www.securityfocus.com/archive/1/541732 CVE-2018-5800 CVE-2018-5801 CVE-2018-5802

VuXML ID

Description

c60804f1-126f-11e8-8b5b-4ccc6adda413

libraw -- multiple DoS vulnerabilities

Secunia Research reports:

CVE-2017-16909: An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image.

CVE-2017-16910: An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) can be exploited to cause an invalid read memory access.

Discovery 2017-12-04
Entry 2018-02-15
libraw

< 0.18.6

https://www.securityfocus.com/archive/1/541583
CVE-2017-16909
CVE-2017-16910

6f0b0cbf-1274-11e8-8b5b-4ccc6adda413

libraw -- multiple DoS vulnerabilities

Secunia Research reports:

CVE-2018-5800: An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

CVE-2017-5801: An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference.

CVE-2017-5802: An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

Discovery 2018-01-16
Entry 2018-02-15
libraw

< 0.18.7

https://www.securityfocus.com/archive/1/541732
CVE-2018-5800
CVE-2018-5801
CVE-2018-5802