CVE-2018-10528
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-10528
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10528.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-10528
- Downstream
- Related
- Published
- 2018-04-29T03:29:00Z
- Modified
- 2025-09-16T06:49:29.243743Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
- References
Affected packages
Debian:11 / libraw
Package
- Name
- libraw
- Purl
- pkg:deb/debian/libraw?arch=source
Debian:12 / libraw
Package
- Name
- libraw
- Purl
- pkg:deb/debian/libraw?arch=source
Debian:13 / libraw
Package
- Name
- libraw
- Purl
- pkg:deb/debian/libraw?arch=source
Debian:14 / libraw
Package
- Name
- libraw
- Purl
- pkg:deb/debian/libraw?arch=source
Git / github.com/libraw/libraw
Affected ranges
- Type
- GIT
- Repo
- https://github.com/libraw/libraw
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.11.0-Release
0.11.1
0.11.2
0.12.0
0.12.1
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.14.0
0.14.1
0.14.2
0.14.3
0.14.4
0.14.5
0.14.6
0.15.0
0.16.0
0.17.0
0.18.0
0.18.1
0.18.2
0.18.3
0.18.4
0.18.5
0.18.6
0.18.7
0.18.8
0.18.9
Database specific
{
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 204.0,
"function_hash": "252336533857689643885418014743752931165"
},
"signature_version": "v1",
"source": "https://github.com/libraw/libraw/commit/efd8cfabb93fd0396266a7607069901657c082e3",
"id": "CVE-2018-10528-109dd588",
"target": {
"file": "src/libraw_cxx.cpp",
"function": "utf2char"
},
"deprecated": false
},
{
"signature_type": "Function",
"digest": {
"length": 5429.0,
"function_hash": "67370514212402055096699002759909826972"
},
"signature_version": "v1",
"source": "https://github.com/libraw/libraw/commit/efd8cfabb93fd0396266a7607069901657c082e3",
"id": "CVE-2018-10528-4aaec1c0",
"target": {
"file": "src/libraw_cxx.cpp",
"function": "LibRaw::parse_x3f"
},
"deprecated": false
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"154890432160439294006430619712520052245",
"138986028489103972689014037731769997393",
"103099074472438459681567086872941143178",
"12455845976305421023743675851513522855",
"8536276503149737419853247581135011742",
"334169772272254958991513935062430038027",
"55023915806102155922583115239082328038",
"253565321359962370225994169901000094482",
"299264130701775429199092333659680755680",
"95466403734629571529776646325624195481",
"248727732483071687414452209806770728484",
"259059947503145621007055758932539717903",
"268489085269868056506827985562763529183",
"88460514338855426367820464401841263514",
"307498728798500769076404506513026651202",
"297536214377360789117078215482225662086",
"54328197893581282840175486322468253411",
"17621035509924748660311649333895136878"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://github.com/libraw/libraw/commit/efd8cfabb93fd0396266a7607069901657c082e3",
"id": "CVE-2018-10528-731e6467",
"target": {
"file": "src/libraw_cxx.cpp"
},
"deprecated": false
}
]
}