suse · CVE-2018-20337

Quick triage

Priority: low Published: 2021-05-30 14:19:31 UTC Updated: 2026-03-05 06:34:57 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-20337 severity low: SUSE including 93 source package names (LibRaw-0.19.5-1.el8, LibRaw-devel-0.19.5-1.el8, …), 122 product×package rows across 29 product lines (SUSE Liberty Linux 8, SUSE Linux Enterprise Desktop 12 SP3, … (29 product lines)): Fixed 106, Known Not Affected 16.

Description:

There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.

cvelogic Threat Intelligence