How severe is CVE-2025-43964?

CVE-2025-43964 has a CVSS v3 score of 2.9 (LOW).

CVE-2025-43964

Name: libraw
Author: libraw

2.9LOW

Publicado: 4/21/2025Atualizado: 11/3/2025

In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.

librawlibraw