Libraw

4 CVEs product


CVE-2025-43964 LOW PATCH Monitor

In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values. Rated low severity (CVSS 2.9); no authentication is required.

Information Disclosure Libraw
NVD GitHub
CVSS 3.1: 2.9
EPSS: 0.2%
CVE-2025-43963 LOW PATCH Monitor

In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing. Rated low severity (CVSS 2.9); no authentication is required. This out-of-bounds read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Libraw
NVD GitHub
CVSS 3.1: 2.9
EPSS: 0.3%
CVE-2025-43962 LOW PATCH Monitor

In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations. Rated low severity (CVSS 2.9); no authentication is required.

Information Disclosure Buffer Overflow Libraw
NVD GitHub
CVSS 3.1: 2.9
EPSS: 0.3%
CVE-2025-43961 LOW PATCH Monitor

In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. Rated low severity (CVSS 2.9); no authentication is required.

Information Disclosure Buffer Overflow Libraw
NVD GitHub
CVSS 3.1: 2.9
EPSS: 0.3%