Freeimage@3.18.0 Security Vulnerabilities and Issues — Freeimage@3.18.0 CVE List

Lucene search

Freeimage ProjectFreeimage3.18.0

14 matches found

CVE•added 2019/05/20 4:29 p.m.•122 views

CVE-2019-12213

When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.

6.5CVSS6.5AI score0.00264EPSS

CVE•added 2019/05/20 4:29 p.m.•92 views

CVE-2019-12211

When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.

7.5CVSS7.2AI score0.00884EPSS

CVE•added 2024/01/10 12:15 a.m.•77 views

CVE-2023-47997

An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service.

6.5CVSS6.1AI score0.00089EPSS

CVE•added 2024/01/09 11:15 p.m.•76 views

CVE-2023-47995

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

6.5CVSS6.1AI score0.00116EPSS

CVE•added 2023/08/22 7:16 p.m.•67 views

CVE-2020-21428

Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

7.8CVSS7.6AI score0.00061EPSS

CVE•added 2023/08/22 7:16 p.m.•63 views

CVE-2020-21427

Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

7.8CVSS7.6AI score0.00362EPSS

CVE•added 2023/08/22 7:16 p.m.•48 views

CVE-2020-21426

Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

7.8CVSS7.6AI score0.00268EPSS

CVE•added 2023/02/22 9:15 p.m.•48 views

CVE-2021-33367

Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file.

5.5CVSS5AI score0.00036EPSS

CVE•added 2019/05/20 4:29 p.m.•39 views

CVE-2019-12212

When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.

7.5CVSS7.3AI score0.0065EPSS

CVE•added 2019/05/20 4:29 p.m.•38 views

CVE-2019-12214

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.

7.5CVSS7.5AI score0.00334EPSS

CVE•added 2024/01/09 11:15 p.m.•30 views

CVE-2023-47994

An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code.

8.8CVSS8.7AI score0.00141EPSS

CVE•added 2024/01/09 11:15 p.m.•28 views

CVE-2023-47992

An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code.

8.8CVSS8.7AI score0.00151EPSS

CVE•added 2024/01/09 11:15 p.m.•26 views

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service.

6.5CVSS6.4AI score0.00097EPSS

CVE•added 2024/01/09 11:15 p.m.•25 views

CVE-2023-47993

A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service.

6.5CVSS6.2AI score0.00096EPSS