22 matches found
Unity Linux 20.1050e / 20.1070e Security Update: LibRaw (UTSA-2026-015451)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015451 advisory. In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values. Tenable has extracted the...
Astra Linux – Vulnerability in libraw
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads when processing tag 0x412, which is related to large values of w0 or w1, or the frac and mult calculations...
Astra Linux – Vulnerability in libraw
In LibRaw before 0.21.4, the processing of tag 0x412 in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
Updated libraw, digikam & darktable packages fix security vulnerabilities
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. CVE-2025-43961 In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult...
EUVD-2025-11961
Malicious code in bioql PyPI...
EUVD-2025-11959
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-43962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the...
Linux Distros Unpatched Vulnerability : CVE-2025-43964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values. CVE-2025-43964 Note that...
Medium: LibRaw
Issue Overview: In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values, which are used for indexing arrays, and may lead to out of bounds memory access. CVE-2025-43964 Affected Packages: LibRaw Note: This advisory is...
OESA-2025-1478 LibRaw security update
LibRaw is a library for reading RAW files from digital photo cameras CRW/CR2, NEF, RAF, etc, virtually all RAW formats are supported.It pays special attention to correct retrieval of data required for subsequent RAW conversion.The library is intended for embedding in RAW converters, data analyzer...
SUSE CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
SUSE CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
AZL-61756 CVE-2025-43964 affecting package LibRaw 0.21.3-1
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
AZL-61780 CVE-2025-43962 affecting package LibRaw 0.21.3-1
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
DEBIAN-CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
UBUNTU-CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...
UBUNTU-CVE-2025-43964
In LibRaw before 0.21.4, tag 0x412 processing in phaseonecorrect in decoders/loadmfbacks.cpp does not enforce minimum w0 and w1 values...
CVE-2025-43964
Summary: CVE-2025-43964 affects LibRaw up to version 0.21.3, where tag 0x412 processing in phase_one_correct (decoders/load_mfbacks.cpp) does not enforce minimum w0 and w1 values, enabling out-of-bounds memory access. The connected advisory confirms the issue and notes a fix in LibRaw 0.21.4. Aff...
CVE-2025-43962
In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations...