DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this issue to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
2025-12-09T18:16:07.983
2025-12-10T16:03:12.653
Analyzed
CVSSv3.1: 5.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | dng_software_development_kit | ≤ 1.7.0 | Yes |
| Operating System | apple | macos | - | No |
| Operating System | microsoft | windows | - | No |