Vulnerability Details CVE-2020-35533
In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.6%
CVSS Severity
CVSS v3 Score 5.5
References
- https://github.com/LibRaw/LibRaw/commit/a6937d4046a7c4742b683a04c8564605fd9be4fb
- https://github.com/LibRaw/LibRaw/issues/273
- https://lists.debian.org/debian-lts-announce/2022/09/msg00024.html
- https://github.com/LibRaw/LibRaw/commit/a6937d4046a7c4742b683a04c8564605fd9be4fb
- https://github.com/LibRaw/LibRaw/issues/273
- https://lists.debian.org/debian-lts-announce/2022/09/msg00024.html
Products affected by CVE-2020-35533
-
cpe:2.3:a:libraw:libraw:0.20.0
-
cpe:2.3:a:libraw:libraw:0.20.1
-
cpe:2.3:a:libraw:libraw:0.20.2
-
cpe:2.3:a:libraw:libraw:0.21.0
-
cpe:2.3:o:debian:debian_linux:10.0