Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1
purl pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1
Next non-vulnerable version 0.20.2-2.1+deb12u1
Latest non-vulnerable version 0.20.2-2.1+deb12u1
Risk 1.3
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-33xw-gu7q-3uht
Aliases:
CVE-2025-43964
LibRaw: Improper Validation of Specified Quantity in Input in LibRaw
0.20.2-2.1+deb12u1
Affected by 0 other vulnerabilities.
VCID-88vk-c7wu-fffr
Aliases:
CVE-2025-43962
LibRaw: Out-of-Bounds Read in LibRaw's phase_one_correct Function
0.20.2-2.1+deb12u1
Affected by 0 other vulnerabilities.
VCID-fbf4-mwnn-vqdp
Aliases:
CVE-2025-43963
LibRaw: out-of-buffer access
0.20.2-2.1+deb12u1
Affected by 0 other vulnerabilities.
VCID-y455-nxwt-7ygd
Aliases:
CVE-2025-43961
LibRaw: Out-of-Bounds Read in Fujifilm 0xf00c Tag Parser in LibRaw
0.20.2-2.1+deb12u1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (12)
Vulnerability Summary Aliases
VCID-25js-gs2n-jbfb LibRaw: Out-of-bounds read in LibRaw::adobe_copy_pixel() function CVE-2020-35533
VCID-43af-u5hy-afcg LibRaw: Out-of-bounds read in simple_decode_row() function CVE-2020-35532
VCID-54h1-vj6r-4ue5 LibRaw: Out-of-bounds read in LibRaw::parseSonySRF() function CVE-2020-35535
VCID-aa14-ypvj-pfen Out-of-bounds Write Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. CVE-2021-32142
VCID-abzn-gut6-y3cz Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attackers to execute arbitrary code. CVE-2020-24889
VCID-cx7p-nhr2-v3ay LibRaw: Memory corruption in "crxFreeSubbandData()" function CVE-2020-35534
VCID-hqh8-vz5n-23c9 libraw: Out of bounds read in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp CVE-2020-22628
VCID-n9u1-b4b8-sqft LibRaw: Out of bounds write in new_node() function CVE-2020-35530
VCID-npjj-h25x-c7ge LibRaw: Out-of-bounds read in get_huffman_diff() function CVE-2020-35531
VCID-pnd8-8z2d-4bh3 LibRaw: lack of thumbnail size range check can lead to buffer overflow CVE-2020-15503
VCID-th8h-py4c-47da Out-of-bounds Write A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. CVE-2023-1729
VCID-urry-mwtn-9ua4 A buffer overread in LibRaw might allow an attacker to cause denial of service. CVE-2020-24870

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:30:58.315653+00:00 Debian Oval Importer Fixing VCID-54h1-vj6r-4ue5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:20:19.852511+00:00 Debian Oval Importer Fixing VCID-npjj-h25x-c7ge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:01:31.729379+00:00 Debian Oval Importer Fixing VCID-urry-mwtn-9ua4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:49:00.735255+00:00 Debian Oval Importer Affected by VCID-fbf4-mwnn-vqdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:10:50.154302+00:00 Debian Oval Importer Fixing VCID-hqh8-vz5n-23c9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:14:35.931879+00:00 Debian Oval Importer Fixing VCID-cx7p-nhr2-v3ay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:02:49.056286+00:00 Debian Oval Importer Fixing VCID-43af-u5hy-afcg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:11:19.550689+00:00 Debian Oval Importer Affected by VCID-88vk-c7wu-fffr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:02:48.413316+00:00 Debian Oval Importer Fixing VCID-25js-gs2n-jbfb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:37:57.096440+00:00 Debian Oval Importer Fixing VCID-abzn-gut6-y3cz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:34:10.154481+00:00 Debian Oval Importer Affected by VCID-y455-nxwt-7ygd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:44:50.518165+00:00 Debian Oval Importer Fixing VCID-n9u1-b4b8-sqft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:39:25.617020+00:00 Debian Oval Importer Fixing VCID-aa14-ypvj-pfen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:57:46.902896+00:00 Debian Oval Importer Fixing VCID-pnd8-8z2d-4bh3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:28:20.438089+00:00 Debian Oval Importer Fixing VCID-th8h-py4c-47da https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:16:43.557493+00:00 Debian Oval Importer Affected by VCID-33xw-gu7q-3uht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-12T00:04:16.411147+00:00 Debian Oval Importer Fixing VCID-54h1-vj6r-4ue5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:55:56.050997+00:00 Debian Oval Importer Fixing VCID-npjj-h25x-c7ge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:39:42.542680+00:00 Debian Oval Importer Fixing VCID-urry-mwtn-9ua4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:27:32.630598+00:00 Debian Oval Importer Affected by VCID-fbf4-mwnn-vqdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:50:43.360711+00:00 Debian Oval Importer Fixing VCID-hqh8-vz5n-23c9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:56:24.781272+00:00 Debian Oval Importer Fixing VCID-cx7p-nhr2-v3ay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:44:35.919515+00:00 Debian Oval Importer Fixing VCID-43af-u5hy-afcg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:56:47.179210+00:00 Debian Oval Importer Affected by VCID-88vk-c7wu-fffr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:48:32.350644+00:00 Debian Oval Importer Fixing VCID-25js-gs2n-jbfb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:24:10.012053+00:00 Debian Oval Importer Fixing VCID-abzn-gut6-y3cz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:20:29.444519+00:00 Debian Oval Importer Affected by VCID-y455-nxwt-7ygd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:31:39.632848+00:00 Debian Oval Importer Fixing VCID-n9u1-b4b8-sqft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:26:21.577796+00:00 Debian Oval Importer Fixing VCID-aa14-ypvj-pfen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:45:24.025700+00:00 Debian Oval Importer Fixing VCID-pnd8-8z2d-4bh3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:16:27.121746+00:00 Debian Oval Importer Fixing VCID-th8h-py4c-47da https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:05:03.610774+00:00 Debian Oval Importer Affected by VCID-33xw-gu7q-3uht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:35:34.536166+00:00 Debian Oval Importer Fixing VCID-54h1-vj6r-4ue5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:30:15.801141+00:00 Debian Oval Importer Fixing VCID-npjj-h25x-c7ge https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:17:41.878656+00:00 Debian Oval Importer Fixing VCID-urry-mwtn-9ua4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:05:58.556974+00:00 Debian Oval Importer Affected by VCID-fbf4-mwnn-vqdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:30:18.780213+00:00 Debian Oval Importer Fixing VCID-hqh8-vz5n-23c9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:38:19.269205+00:00 Debian Oval Importer Fixing VCID-cx7p-nhr2-v3ay https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:27:24.331299+00:00 Debian Oval Importer Fixing VCID-43af-u5hy-afcg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:43:34.717688+00:00 Debian Oval Importer Affected by VCID-88vk-c7wu-fffr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:35:44.241749+00:00 Debian Oval Importer Fixing VCID-25js-gs2n-jbfb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:12:22.972821+00:00 Debian Oval Importer Fixing VCID-abzn-gut6-y3cz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:08:55.642947+00:00 Debian Oval Importer Affected by VCID-y455-nxwt-7ygd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:22:47.753256+00:00 Debian Oval Importer Fixing VCID-n9u1-b4b8-sqft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:17:55.304470+00:00 Debian Oval Importer Fixing VCID-aa14-ypvj-pfen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:39:05.589171+00:00 Debian Oval Importer Fixing VCID-pnd8-8z2d-4bh3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:11:14.672442+00:00 Debian Oval Importer Fixing VCID-th8h-py4c-47da https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:00:32.490624+00:00 Debian Oval Importer Affected by VCID-33xw-gu7q-3uht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0