cbcvebase.
CVE-2021-40266
published 2023-08-22

CVE-2021-40266: FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.

medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianfreeimage
freeimage_projectfreeimage< 1.18.01.18.0

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM