In LibRaw, an out-of-bounds read vulnerability exists within the "simpledecoderow()" function (libraw\src\x3f\x3futilspatched.cpp) which can be triggered via an image with a large row_stride field.
{ "urgency": "not yet assigned" }