cvebase

Debian Freeimage vulnerabilities

54 known vulnerabilities affecting debian/freeimage.

Total CVEs: 54
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 22, MEDIUM 29, LOW 1

Vulnerabilities

Page 3 of 3
CVE-2020-24292 | HIGH | CVSS 8.8 | 2020
freeimage - Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2020-21428 | HIGH | CVSS 7.8 | fixed in freeimage 3.18.0+ds2-9+deb12u1 (bookworm) | 2020
freeimage - Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
Scope: local
bookworm: resolved (fixed in 3.18.0+ds2-9+deb12u1); bullseye: resolved (fixed in 3.18.0+ds2-6+deb11u1); forky: resolved (fixed in 3.18.0+ds2-10); sid: resolved (fixed in 3.18.
debian
CVE-2020-21427 | HIGH | CVSS 7.8 | fixed in freeimage 3.18.0+ds2-9+deb12u1 (bookworm) | 2020
freeimage - Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
Scope: local
bookworm: resolved (fixed in 3.18.0+ds2-9+deb12u1); bullseye: resolved (fixed in 3.18.0+ds2-6+deb11u1); forky: resolved (fixed in 3.18.0+ds2-10); sid: resolved (fixe
debian
CVE-2020-24295 | HIGH | CVSS 8.8 | 2020
freeimage - Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via use of crafted psd file.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2020-21426 | HIGH | CVSS 7.8 | 2020
freeimage - Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2020-24294 | MEDIUM | CVSS 6.5 | 2020
freeimage - Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cause a denial of service via opening of crafted psd file.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2020-22524 | MEDIUM | CVSS 6.5 | fixed in freeimage 3.18.0+ds2-9+deb12u1 (bookworm) | 2020
freeimage - Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cause a denial of service via crafted PFM file.
Scope: local
bookworm: resolved (fixed in 3.18.0+ds2-9+deb12u1); bullseye: resolved (fixed in 3.18.0+ds2-6+deb11u1); forky: resolved (fixed in 3.18.0+ds2-10); sid: resolved (fixed in 3.18.0+ds2-10); trixie: r
debian
CVE-2019-12214 | HIGH | CVSS 7.5 | 2019
freeimage - In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2019-12212 | HIGH | CVSS 7.5 | 2019
freeimage - When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially constructed file.
Scope: local
bookworm: open; bullseye: open; forky: open; sid: open; trixie: o
debian
CVE-2019-12211 | HIGH | CVSS 7.5 | fixed in freeimage 3.18.0+ds2-3 (bookworm) | 2019
freeimage - When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.
Scope: local
bookworm: resolved (fixed in 3.18.0+ds2-3); bullseye: resolved (fixed in 3.18.0+ds2-3); forky: resolved (fixed i
debian
CVE-2019-12213 | MEDIUM | CVSS 6.5 | fixed in freeimage 3.18.0+ds2-3 (bookworm) | 2019
freeimage - When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
Scope: local
bookworm: resolved (fixed in 3.18.0+ds2-3); bullseye: resolved (fixed in 3.18.0+ds2-3); forky: resolved (fixed in 3.18.0+ds2-3); sid: resolved (fixed in 3.18.0+ds2-3); trixie: resolved (fixed in 3.18.0+ds2-3)
debian
CVE-2016-5684 | HIGH | CVSS 7.8 | fixed in freeimage 3.17.0+ds1-3 (bookworm) | 2016
freeimage - An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this vulnerability.
Scope: local
bookworm: resolved (fixed in 3.17.0+ds1-3); bullseye: resolved
debian
CVE-2015-0852 | MEDIUM | CVSS 5.0 | fixed in freeimage 3.15.4-5 (bookworm) | 2015
freeimage - Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
Scope: local
bookworm: resolved (fixed in 3.15.4-5); bullseye: resolved (fixed in 3.15.4-5); forky: resolved (fixed in 3.15.4-5); sid: resolved (fixed in 3.15
debian
CVE-2015-3885 | MEDIUM | CVSS 4.3 | fixed in darktable 1.6.7-1 (bookworm) | 2015
darktable - Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Scope: local
bookworm: resolved (fixed in 1.6.7-1); bullseye: resolved (fixed in 1.6.7-1); forky: resolved (fixed in 1.6.7-1); sid: resolved (fixed in 1.
debian