VDB

ASB-A-347735428

ASB-A-347735428 PUBLISHED CVSS 6.900000095367432 MEDIUM

In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
platformexternal/dng_sdk15-next:0, 15-next, 12:0

Timeline

  • Mar 1, 2025 CVE Published
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›