CVE-2018-5817

2019-02-2018:00:00

flexera

www.cve.org

AI Score

7.9

Confidence

High

EPSS

0.004

Percentile

73.6%

JSON

A type confusion error within the “unpacked_load_raw()” function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.

CNA Affected

[
  {
    "product": "LibRaw",
    "vendor": "Flexera Software LLC",
    "versions": [
      {
        "status": "affected",
        "version": "0.19.0 and prior"
      }
    ]
  }
]