CRITICAL🇵🇱 Wersja polska

CVE-2017-14608

CVSS 9.1v3.0pub. 2017-09-20upd. 2026-05-13

In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • Libraw

    APP
    Libraw
    ≤ 0.18.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-21413CRITICAL9.8PL ✓ten sam produkt

Heap buffer overflow w LibRaw — funkcja lossless_jpeg_load_raw

CVE-2026-20911CRITICAL9.8PL ✓ten sam produkt

Przepełnienie bufora sterty w LibRaw — funkcja HuffTable::initval

CVE-2026-20889CRITICAL9.8PL ✓ten sam produkt

LibRaw: przepełnienie bufora sterty w x3f_thumb_loader

CVE-2015-8367CRITICAL9.8ten sam produkt

The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly ex...

CVE-2015-8366CRITICAL9.8ten sam produkt

Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers t...