VYPR

dng_sdk

by Google

CVEs (2)

  • CVE-2025-22423HigSep 2, 2025
    risk 0.49cvss 7.5epss 0.00

    In ParseTag of dng_ifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2025-0081HigAug 26, 2025
    risk 0.49cvss 7.5epss 0.00

    In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.