CVE-2020-35532

Summary

In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field.

Affected Software

VendorProductVersion RangeStatus
n/aLibRawLibRaw 0.21-Beta1, LibRaw 0.20.2, LibRaw 0.20.1, LibRaw 0.20.0, LibRaw 0.20-RC2affected

Weaknesses

  • CWE-125: CWE-125

ADP Enrichment

CVE Program Container

Additional References

References