Vulnerabilities > CVE-2020-24890 - NULL Pointer Dereference vulnerability in Libraw 0.20.0

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
libraw
CWE-476

Summary

libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way

Vulnerable Configurations

Part Description Count
Application
Libraw
1

Common Weakness Enumeration (CWE)