libraw security advisories
3 threat alerts tracking vulnerabilities and security advisories that affect libraw products.
Vulnios monitors libraw CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent libraw security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2017-6890 — libraw — libraw-demosaic-pack-gpl2
A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer o
criticalCVE-2017-6890Critical Vulnerability: CVE-2017-6889 — libraw — libraw-demosaic-pack-gpl2
An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow.
criticalCVE-2017-6889Critical Vulnerability: CVE-2017-6886 — libraw — libraw
An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory.
criticalCVE-2017-6886
Track libraw exposure across your environment
Vulnios automatically cross-references your asset inventory against new libraw CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan