VDB
ASB-A-347735428
ASB-A-347735428
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| platform | external/dng_sdk | 15-next:0, 15-next, 12:0 |
Timeline
- Mar 1, 2025 CVE Published
- May 15, 2026 CVE Updated