PT-2025-50134 · Adobe · Dng Sdk
Published
2025-12-09
·
Updated
2025-12-10
·
CVE-2025-64894
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
DNG SDK versions 1.7.0 and earlier
Description
The DNG SDK is affected by an Integer Overflow or Wraparound issue that may result in application denial-of-service. An attacker could exploit this to cause the application to crash or become unresponsive. User interaction is required, specifically a victim must open a malicious file for exploitation to occur.
Recommendations
Update to a newer version of DNG SDK than 1.7.0.
Fix
DoS
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dng Sdk