In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-09-01
Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
CVSS Score
8.8
EPSS Score
0.006
Published
2021-06-02
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
CVSS Score
5.5
EPSS Score
0.004
Published
2020-09-16
Page 2