Vulnerabilidades en LibRaw
14 resultadosCVE-2017-6886—An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memEPSS 3.4%CVE-2017-6887—A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cauEPSS 1.6%CVE-2017-6889—An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploiEPSS 1.5%CVE-2017-6890—A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 beEPSS 1.5%CVE-2026-21413CRITICALA heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b. AEPSS 0.5%CVE-2026-20889CRITICALA heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted maliciEPSS 0.5%CVE-2026-20911CRITICALA heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A speEPSS 0.5%CVE-2026-24660HIGHA heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted maliciEPSS 0.5%CVE-2026-24450HIGHAn integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malEPSS 0.5%CVE-2026-20884HIGHAn integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious fEPSS 0.5%CVE-2025-43961LOWIn LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.EPSS 0.4%CVE-2025-43962LOWIn LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large wEPSS 0.4%CVE-2025-43963LOWIn LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values aEPSS 0.4%CVE-2025-43964LOWIn LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.EPSS 0.3%