Debian Freeimage vulnerabilities

CVE-2024-28562 [MEDIUM] CVE-2024-28562: freeimage - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a... Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::copyIntoFrameBuffer() component when reading images in EXR format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2024-28570 [MEDIUM] CVE-2024-28570: freeimage - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a... Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the processMakerNote() function when reading images in JPEG format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2024-28564 [MEDIUM] CVE-2024-28564: freeimage - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a... Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images in EXR format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2024-28573 [MEDIUM] CVE-2024-28573: freeimage - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a... Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2024-28571 [MEDIUM] CVE-2024-28571: freeimage - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a... Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the fill_input_buffer() function when reading images in JPEG format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2024-28575 [MEDIUM] CVE-2024-28575: freeimage - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a... Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_read_mct() function when reading images in J2K format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2024-28584 [LOW] CVE-2024-28584: freeimage - Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909]... Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-47994 [HIGH] CVE-2023-47994: freeimage - An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp... An integer overflow vulnerability in LoadPixelDataRLE4 function in PluginBMP.cpp in Freeimage 3.18.0 allows attackers to obtain sensitive information, cause a denial of service and/or run arbitrary code. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-47992 [HIGH] CVE-2023-47992: freeimage - An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeIma... An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc in FreeImage 3.18.0 allows attackers to obtain sensitive information, cause a denial-of-service attacks and/or run arbitrary code. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-47997 [MEDIUM] CVE-2023-47997: freeimage - An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3... An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-47993 [MEDIUM] CVE-2023-47993: freeimage - A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.1... A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-47996 [MEDIUM] CVE-2023-47996: freeimage - An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3... An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-47995 [MEDIUM] CVE-2023-47995: freeimage - Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::Free... Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-40263 [HIGH] CVE-2021-40263: freeimage - A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in Plu... A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-40265 [HIGH] CVE-2021-40265: freeimage - A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in Plugin... A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-33367 [MEDIUM] CVE-2021-33367: freeimage - Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a de... Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-40266 [MEDIUM] CVE-2021-40266: freeimage - FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile t... FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-40262 [MEDIUM] CVE-2021-40262: freeimage - A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Valid... A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-40264 [MEDIUM] CVE-2021-40264: freeimage - NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeIm... NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2020-24293 [HIGH] CVE-2020-24293: freeimage - Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImag... Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open