Vulnerabilities > Libraw > Libraw Demosaic Pack Gpl2

DATE CVE VULNERABILITY TITLE RISK
2017-05-15 CVE-2017-6890 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libraw Libraw-Demosaic-Pack-Gpl2
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow.
network
low complexity
libraw CWE-119
7.5
7.5
2017-05-15 CVE-2017-6889 Integer Overflow or Wraparound vulnerability in Libraw Libraw-Demosaic-Pack-Gpl2
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.
network
low complexity
libraw CWE-190
7.5
7.5