Unrated severityNVD Advisory· Published Sep 16, 2020· Updated Aug 4, 2024
CVE-2020-24890
CVE-2020-24890
Description
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- libraw/librawdescription
Patches
Vulnerability mechanics
References
3- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWHUZCRMGOC3QS6C65KWBM6ZJM25V6HI/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202010-05mitrevendor-advisoryx_refsource_GENTOO
- github.com/LibRaw/LibRaw/issues/335mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.