[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-6887":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-08T14:11:31.067Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":88,"related":89,"reserved_at":9,"published_at":94,"modified_at":95,"state":96,"summary":97,"references_raw":106,"kevs":136,"epss":137,"epss_history":140,"metrics":403,"affected":414},"CVE-2017-6887","A boundary error within the \"parse_tiff_ifd()\" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to \"DSLR-A100\" and containing multiple sequences of 0x100 and 0x14A TAGs.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86],{"_key":73},"ALPINE-CVE-2017-6887",{"_key":75},"DEBIAN-CVE-2017-6887",{"_key":77},"SUSE-SU-2017:2300-1",{"_key":79},"UBUNTU-CVE-2017-6887",{"_key":81},"USN-3492-1",{"_key":83},"OPENSUSE-SU-2024:10980-1",{"_key":85},"DLA-1057-1",{"_key":87},"DSA-3950-1",[],[90,92,93],{"_key":91},"MGASA-2017-0223",{"_key":77},{"_key":83},"2017-05-16T15:00:00.000Z","2024-08-05T15:41:17.692Z","Deferred",{"cisa_kev":98,"cisa_ransomware":98,"cisa_vendor":9,"epss_severity":99,"epss_score":100,"severity":101,"severity_score":102,"severity_version":103,"severity_source":104,"severity_vector":105,"severity_status":96},false,"low",0.00471,"high",7.8,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[107,115,121,125,131],{"url":108,"sources":109,"tags":111},"http://www.securityfocus.com/bid/98592",[110,104],"cve.org",[112,113,114],"VDB Entry","X Refsource BID","Third Party Advisory",{"url":116,"sources":117,"tags":118},"https://secuniaresearch.flexerasoftware.com/secunia_research/2017-6/",[110,104],[119,120,114],"X Refsource MISC","Permissions Required",{"url":122,"sources":123,"tags":124},"https://secuniaresearch.flexerasoftware.com/advisories/75737/",[110,104],[119,120,114],{"url":126,"sources":127,"tags":128},"http://www.debian.org/security/2017/dsa-3950",[110,104],[129,130],"Vendor Advisory","X Refsource DEBIAN",{"url":132,"sources":133,"tags":134},"https://github.com/LibRaw/LibRaw/commit/d7c3d2cb460be10a3ea7b32e9443a83c243b2251",[110,104],[119,135,114],"Patch",[],{"date":138,"score":100,"percentile":139},"2026-04-07",0.64555,[141,144,147,150,152,155,158,161,164,167,170,173,176,179,182,186,189,192,195,198,200,203,206,209,212,214,217,220,223,226,229,232,235,237,240,243,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293,296,299,301,304,307,310,313,316,319,322,325,328,331,334,336,339,342,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,392,394,397,400],{"date":142,"score":100,"percentile":143},"2025-11-04",0.63766,{"date":145,"score":100,"percentile":146},"2025-11-05",0.63748,{"date":148,"score":100,"percentile":149},"2025-11-06",0.63754,{"date":151,"score":100,"percentile":143},"2025-11-07",{"date":153,"score":100,"percentile":154},"2025-11-08",0.63769,{"date":156,"score":100,"percentile":157},"2025-11-09",0.63763,{"date":159,"score":100,"percentile":160},"2025-11-10",0.63747,{"date":162,"score":100,"percentile":163},"2025-11-11",0.63759,{"date":165,"score":100,"percentile":166},"2025-11-12",0.63778,{"date":168,"score":100,"percentile":169},"2025-11-13",0.63784,{"date":171,"score":100,"percentile":172},"2025-11-14",0.63794,{"date":174,"score":100,"percentile":175},"2025-11-15",0.63789,{"date":177,"score":100,"percentile":178},"2025-11-16",0.6378,{"date":180,"score":100,"percentile":181},"2025-11-17",0.63779,{"date":183,"score":184,"percentile":185},"2025-11-18",0.00252,0.45206,{"date":187,"score":184,"percentile":188},"2025-11-19",0.45214,{"date":190,"score":184,"percentile":191},"2025-11-20",0.4522,{"date":193,"score":100,"percentile":194},"2025-11-21",0.6379,{"date":196,"score":100,"percentile":197},"2025-11-22",0.63797,{"date":199,"score":100,"percentile":166},"2025-11-23",{"date":201,"score":100,"percentile":202},"2025-11-24",0.6377,{"date":204,"score":100,"percentile":205},"2025-11-25",0.63773,{"date":207,"score":100,"percentile":208},"2025-11-26",0.63776,{"date":210,"score":100,"percentile":211},"2025-11-27",0.63781,{"date":213,"score":100,"percentile":163},"2025-11-28",{"date":215,"score":100,"percentile":216},"2025-11-29",0.6373,{"date":218,"score":100,"percentile":219},"2025-11-30",0.63722,{"date":221,"score":100,"percentile":222},"2025-12-01",0.63895,{"date":224,"score":100,"percentile":225},"2025-12-02",0.63912,{"date":227,"score":100,"percentile":228},"2025-12-03",0.63913,{"date":230,"score":100,"percentile":231},"2025-12-04",0.63737,{"date":233,"score":100,"percentile":234},"2025-12-05",0.6375,{"date":236,"score":100,"percentile":234},"2025-12-06",{"date":238,"score":100,"percentile":239},"2025-12-07",0.63743,{"date":241,"score":100,"percentile":242},"2025-12-08",0.63751,{"date":244,"score":100,"percentile":169},"2025-12-09",{"date":246,"score":100,"percentile":247},"2025-12-10",0.6383,{"date":249,"score":100,"percentile":250},"2025-12-11",0.63847,{"date":252,"score":100,"percentile":253},"2025-12-12",0.63866,{"date":255,"score":100,"percentile":256},"2025-12-13",0.63872,{"date":258,"score":100,"percentile":259},"2025-12-14",0.6387,{"date":261,"score":100,"percentile":262},"2025-12-15",0.63864,{"date":264,"score":100,"percentile":265},"2025-12-16",0.6388,{"date":267,"score":100,"percentile":268},"2025-12-17",0.63894,{"date":270,"score":100,"percentile":271},"2025-12-18",0.6393,{"date":273,"score":100,"percentile":274},"2025-12-19",0.63947,{"date":276,"score":100,"percentile":277},"2025-12-20",0.63944,{"date":279,"score":100,"percentile":280},"2025-12-21",0.63933,{"date":282,"score":100,"percentile":283},"2025-12-22",0.63925,{"date":285,"score":100,"percentile":286},"2025-12-23",0.63934,{"date":288,"score":100,"percentile":289},"2025-12-24",0.63942,{"date":291,"score":100,"percentile":292},"2025-12-25",0.63967,{"date":294,"score":100,"percentile":295},"2025-12-26",0.63968,{"date":297,"score":100,"percentile":298},"2025-12-27",0.64012,{"date":300,"score":100,"percentile":277},"2025-12-28",{"date":302,"score":100,"percentile":303},"2025-12-29",0.63932,{"date":305,"score":100,"percentile":306},"2025-12-30",0.63949,{"date":308,"score":100,"percentile":309},"2025-12-31",0.63975,{"date":311,"score":100,"percentile":312},"2026-01-01",0.64164,{"date":314,"score":100,"percentile":315},"2026-01-02",0.6415,{"date":317,"score":100,"percentile":318},"2026-01-03",0.64149,{"date":320,"score":100,"percentile":321},"2026-01-04",0.63972,{"date":323,"score":100,"percentile":324},"2026-01-05",0.63966,{"date":326,"score":100,"percentile":327},"2026-01-06",0.63961,{"date":329,"score":100,"percentile":330},"2026-01-07",0.6398,{"date":332,"score":100,"percentile":333},"2026-01-08",0.64002,{"date":335,"score":100,"percentile":333},"2026-01-09",{"date":337,"score":100,"percentile":338},"2026-01-10",0.64001,{"date":340,"score":100,"percentile":341},"2026-01-11",0.63991,{"date":343,"score":100,"percentile":321},"2026-01-12",{"date":345,"score":100,"percentile":346},"2026-01-13",0.6397,{"date":348,"score":100,"percentile":349},"2026-01-14",0.64008,{"date":351,"score":100,"percentile":352},"2026-01-15",0.64024,{"date":354,"score":100,"percentile":355},"2026-01-16",0.64045,{"date":357,"score":100,"percentile":358},"2026-01-17",0.64033,{"date":360,"score":100,"percentile":361},"2026-01-18",0.64026,{"date":363,"score":100,"percentile":364},"2026-01-19",0.64013,{"date":366,"score":100,"percentile":367},"2026-01-20",0.64027,{"date":369,"score":100,"percentile":370},"2026-01-21",0.64029,{"date":372,"score":100,"percentile":373},"2026-01-22",0.64036,{"date":375,"score":100,"percentile":376},"2026-01-23",0.64067,{"date":378,"score":100,"percentile":379},"2026-01-24",0.64071,{"date":381,"score":100,"percentile":382},"2026-01-25",0.64037,{"date":384,"score":100,"percentile":385},"2026-01-26",0.64025,{"date":387,"score":100,"percentile":388},"2026-01-27",0.64035,{"date":390,"score":100,"percentile":391},"2026-01-28",0.64044,{"date":393,"score":100,"percentile":391},"2026-01-29",{"date":395,"score":100,"percentile":396},"2026-01-30",0.64053,{"date":398,"score":100,"percentile":399},"2026-01-31",0.64057,{"date":401,"score":100,"percentile":402},"2026-02-01",0.64202,[404],{"source":104,"cvss_v2_0":405,"cvss_v3_0":410,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":406,"baseSeverity":9,"vectorString":407,"impactScore":408,"exploitabilityScore":409},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":102,"baseSeverity":411,"vectorString":105,"impactScore":412,"exploitabilityScore":413},"HIGH",9.8,4.6,[415],{"ecosystem":9,"name":416,"vendor":417,"product":417,"cpe_part":418,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":419},"LibRaw","libraw","a",[420,426],{"version":421,"is_range":422,"range_type":423,"version_start":9,"version_start_type":9,"version_end":424,"version_end_type":425,"fixed_in":9},"lte0.18.1",true,"cpe","0.18.1","including",{"version":427,"is_range":98,"range_type":110,"version_start":427,"version_start_type":425,"version_end":427,"version_end_type":425,"fixed_in":9},"0.x prior to 0.18.2"]