Azure Linux 3.0 Security Update: LibRaw (CVE-2020-15503)

The version of LibRaw installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-15503 advisory. - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp,...

LibRaw Input Validation Error Vulnerability

LibRaw is a C++ library from the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images. An input validation error vulnerability exists in versions prior to LibRaw 0.20-RC1, which stems from the program failing to check the size of thumbnails. A remote attacker could explo...

CVE-2020-15503

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...

CVE-2020-15503

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpackthumb.cpp, postprocessing/memimage.cpp, and utils/thumbutils.cpp. For example, mallocsizeoflibrawprocessedimaget+T.tlength occurs without validating T.tlength...