Debian/libraw — 75 CVEs

Loading…

All known vulnerabilities

CRITICAL9.8CVE-2026-24660A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b.

from 0

CRITICAL9.8CVE-2026-24450An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2.

from 0

CRITICAL9.8CVE-2026-21413A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b.

from 0

CRITICAL9.8A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b.

from 0

CRITICAL9.8A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b.

from 0

CRITICAL9.8An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2.

from 0

CRITICAL9.8In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.

from 0, < 0.20.2-1+deb11u2

CRITICAL9.8The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related…

from 0, < 0.17.1-1

CRITICAL9.8Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and pos…

from 0, < 0.17.1-1

CRITICAL9.8A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3.

from 0, < 0.18.5-1

CRITICAL9.8libraw - security update

from 0, < 0.16.0-9+deb8u3

CRITICAL9.8libraw - security update

from 0, < 0.14.6-2+deb7u2

CRITICAL9.8libraw - security update

from 0, < 0.18.2-2

CRITICAL9.1In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values…

from 0, < 0.20.2-1+deb11u2

CRITICAL9.1In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large…

from 0, < 0.20.2-1+deb11u2

CRITICAL9.1libraw - security update

from 0, < 0.20.2-1+deb11u2

CRITICAL9.1libraw - security update

from 0, < 0.20.2-1+deb11u2

CRITICAL9.1libraw - security update

from 0, < 0.14.6-2+deb7u3

CRITICAL9.1libraw - security update

from 0, < 0.18.5-1

HIGH8.8Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.

from 0, < 0.20.2-1

HIGH8.8There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1.

from 0, < 0.19.2-1

HIGH8.8An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a…

from 0, < 0.18.11-1

HIGH8.8An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to caus…

from 0, < 0.18.11-1

HIGH8.8An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stac…

from 0, < 0.18.11-1

HIGH8.8An error within the "samsung_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause…

from 0, < 0.18.11-1

HIGH8.8A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be explo…

from 0, < 0.18.8-1

HIGH8.8An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to…

from 0, < 0.18.7-1

HIGH8.8An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to c…

from 0, < 0.18.6-1

HIGH8.8An issue was discovered in LibRaw 0.18.9.

from 0, < 0.18.11-1

HIGH8.8An issue was discovered in LibRaw 0.18.9.

from 0, < 0.18.11-1

HIGH8.8LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file.

from 0, < 0.18.5-1

HIGH7.8libraw - security update

from 0, < 0.19.2-2+deb10u3

HIGH7.8libraw - security update

from 0, < 0.20.2-1+deb11u1

HIGH7.8libraw - security update

from 0, < 0.20.2-1+deb11u1

HIGH7.8A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context…

from 0, < 0.20.2-1

HIGH7.8A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to ca…

from 0, < 0.18.2-2

HIGH7.5libraw - security update

from 0, < 0.19.2-2+deb10u2

HIGH7.5libraw - security update

from 0, < 0.20.0-4

HIGH7.5An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exha…

from 0, < 0.19.1-1

HIGH7.5An error within the "parse_rollei()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to trigge…

from 0, < 0.19.1-1

HIGH7.5A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be…

from 0, < 0.19.1-1

HIGH7.5libraw - security update

from 0, < 0.18.5-1

HIGH7.5libraw - security update

from 0, < 0.17.2-6+deb9u2

MEDIUM6.5libraw - security update

from 0, < 0.20.0-4

MEDIUM6.5libraw - security update

from 0, < 0.19.2-2+deb10u4

MEDIUM6.5A flaw was found in LibRaw.

from 0, < 0.20.2-1+deb11u1

MEDIUM6.5LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.

from 0, < 0.19.2-2

MEDIUM6.5LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

from 0, < 0.19.2-2

MEDIUM6.5LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

from 0, < 0.19.2-2

MEDIUM6.5An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited…

from 0, < 0.18.13-1

MEDIUM6.5An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited…

from 0, < 0.18.13-1

MEDIUM6.5An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite…

from 0, < 0.18.11-1

MEDIUM6.5An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to…

from 0, < 0.18.11-1

MEDIUM6.5An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to…

from 0, < 0.18.11-1

MEDIUM6.5An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigg…

from 0, < 0.18.8-1

MEDIUM6.5A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to…

from 0, < 0.18.8-1

MEDIUM6.5An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL…

from 0, < 0.18.7-1

MEDIUM6.5libraw - security update

from 0, < 0.18.7-1

MEDIUM6.5libraw - security update

from 0, < 0.16.0-9+deb8u4

MEDIUM6.5An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited…

from 0, < 0.18.6-1

MEDIUM5.5In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when pr…

from 0, < 0.20.0-4

MEDIUM5.5In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when process…

from 0, < 0.20.0-4

MEDIUM5.5In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when r…

from 0, < 0.20.0-4

MEDIUM5.5In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) whic…

from 0, < 0.20.0-4

MEDIUM5.5In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when re…

from 0, < 0.20.0-4

MEDIUM5.5libraw - security update

from 0, < 0.20.0-4

MEDIUM5.5libraw - security update

from 0, < 0.19.2-2+deb10u1

MEDIUM5.5libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent…

from 0

MEDIUM4.3A weakness has been identified in LibRaw up to 0.22.0.

from 0

—A flaw has been found in LibRaw up to 0.22.0.

from 0

—freeimage - security update

from 0, < 0.9.1-1+deb6u1

—freeimage - security update

from 0, < 0.16.2-1

—exactimage - denial of service

from 0, < 0.15.4-1

—The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of servi…

from 0, < 0.15.4-1

—Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attac…

from 0, < 0.15.3-1

pkg:Debian/libraw

✅ Check your installed version

All known vulnerabilities