CVE-2020-35534
N/A
N/A
Summary
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | LibRaw | LibRaw 0.21-Beta1, LibRaw 0.20.2, LibRaw 0.20.1, LibRaw 0.20.0, LibRaw 0.20-RC2 | affected |
Weaknesses
- CWE-400: CWE-400
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/LibRaw/LibRaw/issues/279
- https://github.com/LibRaw/LibRaw/commit/e41f331e90b383e3208cefb74e006df44bf3a4b8
References
- https://github.com/LibRaw/LibRaw/issues/279
- https://github.com/LibRaw/LibRaw/commit/e41f331e90b383e3208cefb74e006df44bf3a4b8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.