Lucene search

[email protected]CVE-2021-40266

HistoryAug 22, 2023 - 7:16 p.m.

CVE-2021-40266

2023-08-2219:16:21

CWE-476

[email protected]

web.nvd.nist.gov

cve-2021-40266

freeimage

plugintiff.cpp

null pointer dereference

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.9%

JSON

FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.

Affected configurations

NVD

Node

freeimage_projectfreeimageRange<1.18.0

CPENameOperatorVersion
freeimage_project:freeimagefreeimage project freeimagelt1.18.0

CPE	Name	Operator	Version
freeimage_project:freeimage	freeimage project freeimage	lt	1.18.0

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFRQ76ZDPSWT7OH6FJDLSFWBXVBE6JDN/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M6GKMK74POW3RU7F4HLUJE7XEFLQDO35/

sourceforge.net/p/freeimage/bugs/334/

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.9%

JSON

Related for CVE-2021-40266

ubuntucve1 cvelist1 debiancve1 prion1 nvd1 fedora4 openvas4 nessus2