Alibaba Cloud Linux 3 : 0125: LibRaw (ALINUX3-SA-2026:0125)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0125 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-21413: A flaw was found in LibRaw...

SUSE SLES15 Security Update : libraw (SUSE-SU-2026:1556-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1556-1 advisory. - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap...

Fedora 43 : mingw-LibRaw (2026-635a001215)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-635a001215 advisory. Backport patch for CVE-2026-20884. ---- Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 ---- Update to libraw-0.21.5...

NewStart CGSL MAIN 6.06 : LibRaw Multiple Vulnerabilities (NS-SA-2025-0242)

The remote NewStart CGSL host, running version MAIN 6.06, has LibRaw packages installed that are affected by multiple vulnerabilities: - The phaseonecorrect function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object...

TencentOS Server 4: LibRaw (TSSA-2025:0399)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0399 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

EUVD-2013-2094

Malware in sbrugna...

Amazon Linux 2 : LibRaw (ALAS-2025-2974)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2974 advisory. In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. CVE-2025-43961 In...

SUSE-SU-2025:01572-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43963: Fixed...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libraw (SUSE-SU-2025:1572-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1572-1 advisory. - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cp...

USN-7485-1: LibRaw vulnerabilities

It was discovered that LibRaw could be made to read out of bounds. An attacker could possibly use this issue to cause applications using LibRaw to crash, resulting in a denial of service. CVE-2025-43961, CVE-2025-43962, CVE-2025-43963, CVE-2025-43964...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : LibRaw vulnerabilities (USN-7485-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7485-1 advisory. It was discovered that LibRaw could be made to read out of bounds. An attacker could...

Fedora 40 : mingw-LibRaw (2025-32a9eb17af)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-32a9eb17af advisory. Update to LibRaw 0.21.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

OSV-2022-1292 Heap-buffer-overflow in LibRaw::phase_one_correct

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=394920636 Crash type: Heap-buffer-overflow READ 2 Crash state: LibRaw::phaseonecorrect LibRaw::raw2imageex LibRaw::dcrawprocess...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : LibRaw vulnerabilities (USN-6137-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6137-1 advisory. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially...

USN-3639-1 libraw vulnerabilities

It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. CVE-2018-10528 It was discovered that LibRaw incorrectly handled certain files. An attacker could possibly use this to obtain sensitive information. CVE-2018-10529...

MGASA-2013-0385 Updated libkdcraw packages fix CVE-2013-1438 & CVE-2013-1439

Updated libkdcraw packages fix libraw security vulnerabilities: It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denia...