31 matches found
Security update for libraw
This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...
SUSE-SU-2026:1556-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow in...
OPENSUSE-SU-2026:20574-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2026-5342: crafted TIFF/NEF file can cause an out-of-bounds read bsc1261499. - CVE-2026-20884: integer overflow vulnerability in the deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow vulnerability in the...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2026:1438-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1438-1 advisory. - CVE-2026-20911: heap-based buffer overflow in HuffTable::initvalbsc1261673. - CVE-2026-21413: heap-based...
SUSE-SU-2026:1438-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2026-20911: heap-based buffer overflow in HuffTable::initvalbsc1261673. - CVE-2026-21413: heap-based buffer overflow in losslessjpegloadraw bsc1261674. - CVE-2026-24660: heap-based buffer overflow in x3floadhuffman bsc1261676...
SUSE CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
Incorrect Calculation of Buffer Size
Overview Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size in the initval process of HuffTable. An attacker can achieve arbitrary code execution or cause a denial of service by supplying a specially crafted malicious file. Remediation Upgrade libraw to versi...
EUVD-2026-19622
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
DEBIAN-CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-20911
A heap-based buffer overflow vulnerability exists in LibRaw’s HuffTable::initval function, present in commits 0b56545 and d20315b. A specially crafted malicious file can trigger the overflow, potentially impacting confidentiality, integrity, and availability. The CVSSv3.1 vector indicates Network...
CVE-2026-20911
A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
Libraw 安全漏洞
Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and others format images. It supports various operating systems. Libraw has a security vulnerability, which stems from a heap buffer overflow in the HuffTable::initval function, potentially leading to a he...
PT-2026-30831
Name of the Vulnerable Software and Affected Versions LibRaw versions Commit 0b56545 and Commit d20315b Description A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality. A specially crafted malicious file can trigger a heap buffer overflow. An attacker can...
Linux Distros Unpatched Vulnerability : CVE-2026-20911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted...
SUSE CVE-2026-5318
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...
EUVD-2026-18116
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...