Vulnerability Details CVE-2018-10528
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3
- https://github.com/LibRaw/LibRaw/issues/144
- https://usn.ubuntu.com/3639-1/
- https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3
- https://github.com/LibRaw/LibRaw/issues/144
- https://usn.ubuntu.com/3639-1/
Products affected by CVE-2018-10528
-
cpe:2.3:a:libraw:libraw:0.18.9
-
cpe:2.3:o:canonical:ubuntu_linux:16.04
-
cpe:2.3:o:canonical:ubuntu_linux:17.10
-
cpe:2.3:o:canonical:ubuntu_linux:18.04