CVE-2013-2126
EPSS 2.4%Published: 8/14/2013Modified: 4/28/2026
Also known as:DEBIAN-CVE-2013-2126
Description
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
Affected packages (3)
- Debian/darktablefrom 0, < 1.2.1-2
- Debian/libkdcrawfrom 0, < 24.12.0-1
- Debian/librawfrom 0, < 0.15.3-1