Vulnerability Details CVE-2020-35532
In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.6%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2020-35532
-
cpe:2.3:a:libraw:libraw:0.20.0
-
cpe:2.3:a:libraw:libraw:0.20.1
-
cpe:2.3:a:libraw:libraw:0.20.2
-
cpe:2.3:a:libraw:libraw:0.21.0
-
cpe:2.3:o:debian:debian_linux:10.0