Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Workstation Extension 15 package libraw, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2018-20337 — CVSS 8.8 (high): There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a…
CVE-2018-5819 — CVSS 7.5 (high): An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to…
CVE-2018-5817 — CVSS 7.5 (high): A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be…
CVE-2018-5818 — CVSS 7.5 (high): An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to…
CVE-2018-5804 — CVSS 6.5 (medium): A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to…
CVE-2018-5813 — CVSS 6.5 (medium): An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite…
CVE-2018-5815 — CVSS 6.5 (medium): An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited…
CVE-2018-5816 — CVSS 6.5 (medium): An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited…