22 matches found
Amazon Linux 2 : LibRaw (ALAS-2025-2974)
The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2974 advisory. In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. CVE-2025-43961 In...
Advisory ROSA-SA-2025-2942
software: libraw 0.20.2 OS: ROSA-CHROME unaffected versions = libraw-0.20.2-5 affected versions libraw-0.20.2-5 CVE-ID: CVE-2025-43961 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A vulnerability in LibRaw allows an out-of-buffer read in the Fujifilm 0xf00c tag parser. CVE-STATUS: The vulnerability has...
Fedora: Security Advisory (FEDORA-2025-b5b1634cd0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2025:01572-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01572-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 ...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2025:01569-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01569-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 ...
Fedora: Security Advisory (FEDORA-2025-e7dea91428)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15: libraw-devel / libraw-devel-static / libraw-tools / libraw23 / etc (SUSE-SU-2025:1572-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1572-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cp...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2025:1569-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1569-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 -...
SUSE-SU-2025:1572-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43963: Fixed...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : LibRaw vulnerabilities (USN-7485-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7485-1 advisory. It was discovered that LibRaw could be made to read out of bounds. An attacker could...
Fedora: Security Advisory (FEDORA-2025-97687e7f68)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : mingw-LibRaw (2025-32a9eb17af)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-32a9eb17af advisory. Update to LibRaw 0.21.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
[SECURITY] [DLA 4142-1] libraw security update
Debian LTS Advisory DLA-4142-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson April 29, 2025 https://wiki.debian.org/LTS Package : libraw Version : 0.20.2-1+deb11u2 CVE ID : CVE-2025-43961 CVE-2025-43962 CVE-2025-43963 CVE-2025-43964 Debian Bug : 1103781 11037...
SUSE SLES12 Security Update : libraw (SUSE-SU-2025:1380-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1380-1 advisory. - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43964: Fixed tag 0x412...
Debian dla-4142 : libraw-bin - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4142 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4142-1 [email protected]...
SUSE-SU-2025:1380-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43964: Fixed tag 0x412 processing in phaseonecorrect does not enforce minimum w0 and w1 values bsc1241584...
SUSE CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
CVE-2025-43962
A flaw was found in LibRaw. In affected versions, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing. This issue is related to large w0 or w1 values or the frac and mult calculations. Mitigation Mitigation for this issue is either not available or the...
CVE-2025-43962
creationtimestamp| type| source ---|---|--- 2025-04-21 00:05:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12626 2025-04-21 02:49:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnc5oyoiii2y 2025-04-21 03:56:12+00:00| seen|...
CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...