CVE-2025-65803 — Integer Overflow or Wraparound in Project Freeimage

CWE-190 — Integer Overflow or Wraparound CWE-400 — Uncontrolled Resource Consumption6 documents6 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 66.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freeimage Project Freeimage

Timeline

PublishedDec 10

Description

An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted PSD file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDfreeimage_project/freeimage3.18.0

🔴Vulnerability Details

OSV

CVE-2025-65803: An integer overflow in the psdParser::ReadImageData function of FreeImage v3↗2025-12-10

▶

GHSA

GHSA-hwvj-wq82-3x6r: An integer overflow in the psdParser::ReadImageData function of FreeImage v3↗2025-12-10

▶

CVEList

CVE-2025-65803: An integer overflow in the psdParser::ReadImageData function of FreeImage v3↗2025-12-10

▶

📋Vendor Advisories

Debian

CVE-2025-65803: freeimage - An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18....↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-65803 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶