CVE-2026-20911

N/A

A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

缓冲区大小计算不正确

Libraw 安全漏洞

Libraw是Libraw公司的一个用来处理RAW(CRW/CR2,NEF,RAF,DNG,andothers)格式图片的C++库，支持各种操作系统。 Libraw存在安全漏洞，该漏洞源于HuffTable::initval功能存在堆缓冲区溢出，可能导致堆缓冲区溢出。

N/A

N/A