In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-01
Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-06-02
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
CVSS Score
5.5
EPSS Score
0.004
Published
2020-09-16
Page 2