CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35535

In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.8%

CVSS Severity

CVSS v3 Score 5.5

References

https://github.com/LibRaw/LibRaw/commit/c243f4539233053466c1309bde606815351bee81
https://github.com/LibRaw/LibRaw/issues/283
https://github.com/LibRaw/LibRaw/commit/c243f4539233053466c1309bde606815351bee81
https://github.com/LibRaw/LibRaw/issues/283

Products affected by CVE-2020-35535

Libraw » Libraw » Version: 0.20.0

cpe:2.3:a:libraw:libraw:0.20.0
Libraw » Libraw » Version: 0.20.1

cpe:2.3:a:libraw:libraw:0.20.1
Libraw » Libraw » Version: 0.20.2

cpe:2.3:a:libraw:libraw:0.20.2
Libraw » Libraw » Version: 0.21.0

cpe:2.3:a:libraw:libraw:0.21.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35535

Products

Pricing

Contact Us