CVE-2020-24870

CVE-2020-24870

EPSS 1.6%

Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/LibRaw/LibRaw/commit/4feaed4dea636cee4fee010f615881ccf76a096d https://github.com/LibRaw/LibRaw/issues/330 https://security.gentoo.org/glsa/202208-07