An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-12-07
An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-12-07
In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.
CVSS Score
9.1
EPSS Score
0.004
Published
2017-09-20
LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.
CVSS Score
8.8
EPSS Score
0.008
Published
2017-09-12
Page 4