Aggregates CVE and security vulnerability intelligence across all LibRaw-related products, including CVSS scores, EPSS percentages, and publication dates.
Historical issues mainly involve buffer overflows, memory corruption, and related problems; some flaws may lead to application crashes, affecting software deployment scenarios.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-35530 | In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file. | [email protected] | 5.5 | 0.37% | 2022-09-01 | 2026-06-16 |
| CVE-2020-24870 | Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp. | [email protected] | 8.8 | 1.62% | 2021-06-02 | 2026-06-16 |
| CVE-2020-24890 | libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way | [email protected] | 5.5 | 1.55% | 2020-09-16 | 2026-06-16 |
| CVE-2020-24889 | A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution. | [email protected] | 7.8 | 1.44% | 2020-09-16 | 2026-06-16 |
| CVE-2020-15503 | LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. | [email protected] | 7.5 | 3.67% | 2020-07-02 | 2026-06-16 |
| CVE-2020-15365 | LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds. | [email protected] | 6.5 | 1.33% | 2020-06-28 | 2026-06-16 |
| CVE-2015-8367 | The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization. | [email protected] | 9.8 | 5.45% | 2020-01-14 | 2026-06-16 |
| CVE-2015-8366 | Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes. | [email protected] | 9.8 | 4.94% | 2020-01-14 | 2026-06-16 |
| CVE-2018-5819 | An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. | [email protected] | 7.5 | 2.82% | 2019-02-20 | 2026-06-16 |
| CVE-2018-5818 | An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop. | [email protected] | 7.5 | 2.33% | 2019-02-20 | 2026-06-16 |
| CVE-2018-5817 | A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. | [email protected] | 7.5 | 2.50% | 2019-02-20 | 2026-06-16 |
| CVE-2018-20365 | LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. | [email protected] | 6.5 | 2.78% | 2018-12-22 | 2026-06-16 |
| CVE-2018-20364 | LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | [email protected] | 6.5 | 2.64% | 2018-12-22 | 2026-06-16 |
| CVE-2018-20363 | LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | [email protected] | 6.5 | 2.84% | 2018-12-22 | 2026-06-16 |
| CVE-2018-20337 | There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact. | [email protected] | 8.8 | 2.07% | 2018-12-21 | 2026-06-16 |
| CVE-2018-5816 | An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804). | [email protected] | 6.5 | 2.11% | 2018-12-07 | 2026-06-16 |
| CVE-2018-5815 | An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. | [email protected] | 6.5 | 2.19% | 2018-12-07 | 2026-06-16 |
| CVE-2018-5813 | An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file. | [email protected] | 6.5 | 2.09% | 2018-12-07 | 2026-06-16 |
| CVE-2018-5812 | An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference. | [email protected] | 6.5 | 1.79% | 2018-12-07 | 2026-06-16 |
| CVE-2018-5811 | An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | [email protected] | 6.5 | 1.80% | 2018-12-07 | 2026-06-16 |