Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identifyprocessdng_fields in identify.cpp.
{ "urgency": "not yet assigned" }