Vulnerability Details CVE-2020-35531
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.6%
CVSS Severity
CVSS v3 Score 5.5
References
- https://github.com/LibRaw/LibRaw/commit/d75af00681a74dcc8b929207eb895611a6eceb68
- https://github.com/LibRaw/LibRaw/issues/270
- https://lists.debian.org/debian-lts-announce/2022/09/msg00024.html
- https://github.com/LibRaw/LibRaw/commit/d75af00681a74dcc8b929207eb895611a6eceb68
- https://github.com/LibRaw/LibRaw/issues/270
- https://lists.debian.org/debian-lts-announce/2022/09/msg00024.html
Products affected by CVE-2020-35531
-
cpe:2.3:a:libraw:libraw:0.20.0
-
cpe:2.3:a:libraw:libraw:0.20.1
-
cpe:2.3:a:libraw:libraw:0.20.2
-
cpe:2.3:a:libraw:libraw:0.21.0
-
cpe:2.3:o:debian:debian_linux:10.0