Critical severity9.8NVD Advisory· Published Jul 25, 2019· Updated Jun 17, 2026
CVE-2019-1010174
CVE-2019-1010174
Description
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done on the url. The fixed version is: v.2.3.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.3.3
- CImg/The CImg Libraryv5Range: v.2.3.3 and earlier [fixed: v.2.3.4]
Patches
Vulnerability mechanics
References
3- framagit.org/dtschump/CImg/commit/5ce7a426b77f814973e56182a0e76a2b04904146nvdPatchThird Party Advisory
- lists.debian.org/debian-lts-announce/2019/09/msg00030.htmlnvdMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2020/10/msg00033.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.