Null Pointer Dereference Vulnerability in libraw 20.0's parse_tiff_ifd Function

Null Pointer Dereference Vulnerability in libraw 20.0's parse_tiff_ifd Function

CVE-2020-24890 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way

Learn more about our Web Application Penetration Testing UK.