CVE-2020-22628
Summary
| CVE | CVE-2020-22628 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-08-22 19:16:00 UTC |
| Updated | 2023-09-10 17:15:00 UTC |
| Description | Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] [DLA 3560-1] libraw security update | MLIST | lists.debian.org | |
| "LibRaw::stretch()" Out-of-bounds read vulnerability · Issue #269 · LibRaw/LibRaw · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 199759 Ubuntu Security Notification for LibRaw Vulnerability (USN-6377-1)
- 356139 Amazon Linux Security Advisory for LibRaw : ALAS2-2023-2256
- 6000027 Debian Security Update for libraw (DLA 3560-1)
- 755032 SUSE Enterprise Linux Security Update for libraw (SUSE-SU-2023:3968-1)
- 755033 SUSE Enterprise Linux Security Update for libraw (SUSE-SU-2023:3967-1)
- 755034 SUSE Enterprise Linux Security Update for libraw (SUSE-SU-2023:3966-1)