Lucene search

[email protected]NVD:CVE-2021-40262

HistoryAug 22, 2023 - 7:16 p.m.

CVE-2021-40262

2023-08-2219:16:21

CWE-787

[email protected]

web.nvd.nist.gov

freeimage

stack exhaustion

pluginraw.cpp

validate function

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

27.8%

JSON

A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp.

Affected configurations

Nvd

Node

freeimage_projectfreeimageRange<1.18.0

VendorProductVersionCPE
freeimage_projectfreeimage*cpe:2.3:a:freeimage_project:freeimage:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
freeimage_project	freeimage	*	cpe:2.3:a:freeimage_project:freeimage::::::::

References

sourceforge.net/p/freeimage/bugs/338/

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

27.8%

JSON

Related for NVD:CVE-2021-40262

ubuntucve1 prion1 debiancve1 cve1 cvelist1