6 matches found
CVE-2026-13708
Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in ireadjpegwiol. ireadjpegwiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with iptcitext = mymalloc... and overwrites the previous...
CVE-2026-13708
Affected software: Imager::File::JPEG (Perl). Vulnerability: In i_readjpeg_wiol, for each APP13 marker encountered while reading a JPEG, a new buffer is allocated and assigned to *iptc_itext without freeing the previous buffer. The final payload is converted to a Perl scalar and freed, but the ea...
CVE-2026-8454
Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...
CVE-2026-8454
CVE-2026-8454 affects Imager::File::GIF (Perl) up to version 1.002. The root cause is a single per-row GifRow buffer sized to the GIF’s global SWidth being reused across multiple images, with a missing bounds check in the parallel skip-image path (DGifGetLine with Width) that can lead to a heap o...
Imager::File::GIF 缓冲区错误漏洞
Imager::File::GIF is a Perl image module developed by Tony Cook, which supports the reading, writing, and processing of GIF images. Versions of Imager::File::GIF 1.002 and earlier contained a buffer error vulnerability. This vulnerability stemmed from the ireadgifmultilow function, which allocate...
Linux Distros Unpatched Vulnerability : CVE-2026-8669
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Imager versions through 1.030 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a...