Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-441f-fn3d-f3hb
SummaryInteger Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11.
Aliases
0
alias CVE-2026-24808
Fixed_packages
0
url pkg:deb/debian/rawtherapee@5.12-1?distro=trixie
purl pkg:deb/debian/rawtherapee@5.12-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.12-1%3Fdistro=trixie
1
url pkg:deb/debian/rawtherapee@5.12-2?distro=trixie
purl pkg:deb/debian/rawtherapee@5.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.12-2%3Fdistro=trixie
2
url pkg:deb/debian/rawtherapee@5.12-2
purl pkg:deb/debian/rawtherapee@5.12-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.12-2
Affected_packages
0
url pkg:deb/debian/rawtherapee@5.8-3?distro=trixie
purl pkg:deb/debian/rawtherapee@5.8-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-441f-fn3d-f3hb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.8-3%3Fdistro=trixie
1
url pkg:deb/debian/rawtherapee@5.8-3
purl pkg:deb/debian/rawtherapee@5.8-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-441f-fn3d-f3hb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.8-3
2
url pkg:deb/debian/rawtherapee@5.9-1
purl pkg:deb/debian/rawtherapee@5.9-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-441f-fn3d-f3hb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.9-1
3
url pkg:deb/debian/rawtherapee@5.9-1?distro=trixie
purl pkg:deb/debian/rawtherapee@5.9-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-441f-fn3d-f3hb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.9-1%3Fdistro=trixie
4
url pkg:deb/debian/rawtherapee@5.11-2
purl pkg:deb/debian/rawtherapee@5.11-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-441f-fn3d-f3hb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.11-2
5
url pkg:deb/debian/rawtherapee@5.11-2?distro=trixie
purl pkg:deb/debian/rawtherapee@5.11-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-441f-fn3d-f3hb
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rawtherapee@5.11-2%3Fdistro=trixie
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-24808
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05471
published_at 2026-04-04T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05437
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05865
published_at 2026-04-21T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05749
published_at 2026-04-13T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.0571
published_at 2026-04-16T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05719
published_at 2026-04-18T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05759
published_at 2026-04-08T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05785
published_at 2026-04-09T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05761
published_at 2026-04-11T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05754
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-24808
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24808
2
reference_url https://github.com/RawTherapee/RawTherapee/pull/7359
reference_id 7359
reference_type
scores
0
value 8.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:M/U:Amber
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T20:44:25Z/
url https://github.com/RawTherapee/RawTherapee/pull/7359
Weaknesses
0
cwe_id 190
name Integer Overflow or Wraparound
description The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
Exploits
Severity_range_score8.3 - 8.3
Exploitability0.5
Weighted_severity7.5
Risk_score3.8
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-441f-fn3d-f3hb