VYPR
Unrated severityNVD Advisory· Published Jan 19, 2014· Updated Jun 16, 2026

CVE-2013-1438

CVE-2013-1438

Description

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Dcraw Project/Dcraw11 versions
    cpe:2.3:a:dave_coffin:dcraw:0.8.0:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:dave_coffin:dcraw:0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.6:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.8:*:*:*:*:*:*:*
    • cpe:2.3:a:dave_coffin:dcraw:0.8.9:*:*:*:*:*:*:*
    • (no CPE)range: <=0.8.9
  • Libraw/Librawllm-fuzzy

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.