LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.
[
    {
        "id": "CVE-2020-15503-4de4e8ed",
        "target": {
            "file": "src/utils/thumb_utils.cpp"
        },
        "digest": {
            "line_hashes": [
                "95504925387959412511911477587878745185",
                "211498614830520016092898085902592191304",
                "258909625175771742828218197375693978553"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2020-15503-b47b1d85",
        "target": {
            "function": "LibRaw::kodak_thumb_loader",
            "file": "src/utils/thumb_utils.cpp"
        },
        "digest": {
            "length": 5265.0,
            "function_hash": "20834980326322708084884246758929434607"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2020-15503-bab2ecca",
        "target": {
            "function": "LibRaw::dcraw_make_mem_thumb",
            "file": "src/postprocessing/mem_image.cpp"
        },
        "digest": {
            "length": 1869.0,
            "function_hash": "60925816791984355313585374140980915893"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2020-15503-bd149f8b",
        "target": {
            "file": "src/decoders/unpack_thumb.cpp"
        },
        "digest": {
            "line_hashes": [
                "59779410903218153793678754994680767601",
                "132752582361061888394256996303006118673",
                "185045691167740575729910415964833655416",
                "161049959832819816644170497010757592682",
                "260007268614515162766175710996963767171",
                "255532408959626893688328621463383668856",
                "293793618887016688055475224622010045250",
                "237163547497289955783163831819047220253",
                "53946906021982039869438027886283012302",
                "159623424722262447118890624610300865183",
                "24074827839660080180766803516914248259",
                "193770801203564601580014460272938621217",
                "279776459699944493687719371011149108112",
                "106535962320044590641199677616499872207",
                "283450966731452391535050062147183429866",
                "94649701061232974678424622551508588263",
                "211509070784551980709998278180183119961",
                "283511725562753475212592465244817300621",
                "80668828536364397405743644776123983152",
                "237567926824714123645467842340474684318",
                "285312419739008761685997607143246357862",
                "258224793432605195806530931128263774249",
                "65443162971290850839897068754309996559",
                "148315636905740143535486119577249766951",
                "181202847632146431652953263163741802944",
                "106211129585307599656075310087927609507",
                "195072596634072040877784318058145114722",
                "306099842656121619297437396043320744575",
                "239128415640668498542060449212822440966",
                "25636571237006944437910063657224247718",
                "78239118379284603983132881493921935450",
                "47533961952800260579564617492129636545"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2020-15503-ccd49802",
        "target": {
            "function": "LibRaw::unpack_thumb",
            "file": "src/decoders/unpack_thumb.cpp"
        },
        "digest": {
            "length": 7684.0,
            "function_hash": "51726212998995411333273680451998935224"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Function"
    },
    {
        "id": "CVE-2020-15503-ddbaed06",
        "target": {
            "file": "src/postprocessing/mem_image.cpp"
        },
        "digest": {
            "line_hashes": [
                "187981261985522913612295356341902997356",
                "316324685096684762484593438217362973867",
                "42418153475302119724450462163414037082"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    },
    {
        "id": "CVE-2020-15503-ddf53db8",
        "target": {
            "file": "libraw/libraw_const.h"
        },
        "digest": {
            "line_hashes": [
                "249569001442104715920048703562899778"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/libraw/libraw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d",
        "signature_type": "Line"
    }
]