CVE-2018-20365

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-20365

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20365.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-20365

Downstream

DEBIAN-CVE-2018-20365

DLA-2903-1

SUSE-SU-2019:0127-1

SUSE-SU-2019:0133-1

UBUNTU-CVE-2018-20365

USN-3989-1

openSUSE-SU-2019:0094-1

Related

Published

2018-12-22T17:29:00.333Z

Modified

2025-11-14T08:32:17.565907Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.

References

Affected packages

Git / github.com/libraw/libraw

Affected ranges

Type: GIT
Repo: https://github.com/libraw/libraw
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e12cae8cbc7c73a7200f6e7621d71e113885ea72

Affected versions

0.*

0.11.0-Release

0.11.1

0.11.2

0.12.0

0.12.1

0.13.0

0.13.1

0.13.2

0.13.3

0.13.4

0.13.5

0.13.6

0.13.7

0.13.8

0.14.0

0.14.1

0.14.2

0.14.3

0.14.4

0.14.5

0.14.6

0.15.0

0.16.0

0.17.0

0.18.0

0.19.0

0.19.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-20365.json"