CVE-2020-35531 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-35531 Interim 1 7 2025-02-17T01:07:30Z current 2022-08-30T23:42:23Z 2025-02-17T01:07:30Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-35531 In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libraw libraw-devel libraw16 libraw20 libraw9 libraw20 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libraw as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libraw9 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 libraw as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 libraw-devel as a component of SUSE Linux Enterprise Workstation Extension 15 SP3 libraw16 as a component of SUSE Linux Enterprise Workstation Extension 15 SP3 libraw as a component of SUSE Linux Enterprise Workstation Extension 15 SP3 libraw-devel as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 libraw16 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 libraw as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file. CVE-2020-35531 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libraw SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libraw20 SUSE Linux Enterprise Workstation Extension 12 SP5:libraw SUSE Linux Enterprise Workstation Extension 12 SP5:libraw9 SUSE Linux Enterprise Workstation Extension 15 SP3:libraw SUSE Linux Enterprise Workstation Extension 15 SP3:libraw-devel SUSE Linux Enterprise Workstation Extension 15 SP3:libraw16 SUSE Linux Enterprise Workstation Extension 15 SP4:libraw SUSE Linux Enterprise Workstation Extension 15 SP4:libraw-devel SUSE Linux Enterprise Workstation Extension 15 SP4:libraw16 moderate 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H