rpm package
opensuse/libraw&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/libraw&distro=openSUSE%20Leap%2015.6
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-43964 | — | < 0.21.1-150600.3.5.1 | 0.21.1-150600.3.5.1 | Apr 20, 2025 | In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values. | ||
| CVE-2025-43963 | — | < 0.21.1-150600.3.5.1 | 0.21.1-150600.3.5.1 | Apr 20, 2025 | In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing. | ||
| CVE-2025-43962 | — | < 0.21.1-150600.3.5.1 | 0.21.1-150600.3.5.1 | Apr 20, 2025 | In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations. | ||
| CVE-2025-43961 | — | < 0.21.1-150600.3.5.1 | 0.21.1-150600.3.5.1 | Apr 20, 2025 | In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. |
- CVE-2025-43964Apr 20, 2025affected < 0.21.1-150600.3.5.1fixed 0.21.1-150600.3.5.1
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.
- CVE-2025-43963Apr 20, 2025affected < 0.21.1-150600.3.5.1fixed 0.21.1-150600.3.5.1
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing.
- CVE-2025-43962Apr 20, 2025affected < 0.21.1-150600.3.5.1fixed 0.21.1-150600.3.5.1
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations.
- CVE-2025-43961Apr 20, 2025affected < 0.21.1-150600.3.5.1fixed 0.21.1-150600.3.5.1
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser.