VYPR

Freeimage

by Freeimage Project

CVEs (53)

  • CVE-2019-12214HigMay 20, 2019
    risk 0.49cvss 7.5epss 0.01

    In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2k_read_ppm_v3 function in j2k.c. The value of l_N_ppm comes from the file read in, and the code does not consider that l_N_ppm may be greater than the size of p_header_data.

  • CVE-2019-12212HigMay 20, 2019
    risk 0.49cvss 7.5epss 0.02

    When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize function of JXRMeta.c repeatedly calls itself due to improper processing of the file, eventually causing stack exhaustion. An attacker can achieve a remote denial of service attack by sending a specially…

  • CVE-2019-12211HigMay 20, 2019
    risk 0.49cvss 7.5epss 0.04

    When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.

  • CVE-2024-28562MedMar 20, 2024
    risk 0.44cvss 6.8epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::copyIntoFrameBuffer() component when reading images in EXR format.

  • CVE-2023-47997MedJan 10, 2024
    risk 0.42cvss 6.5epss 0.01

    An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service.

  • CVE-2023-47996MedJan 9, 2024
    risk 0.42cvss 6.5epss 0.01

    An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service.

  • CVE-2023-47995MedJan 9, 2024
    risk 0.42cvss 6.5epss 0.01

    Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

  • CVE-2023-47993MedJan 9, 2024
    risk 0.42cvss 6.5epss 0.01

    A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service.

  • CVE-2021-40266MedAug 22, 2023
    risk 0.42cvss 6.5epss 0.01

    FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.

  • CVE-2021-40264MedAug 22, 2023
    risk 0.42cvss 6.5epss 0.01

    NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp.

  • CVE-2021-40262MedAug 22, 2023
    risk 0.42cvss 6.5epss 0.01

    A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp.

  • CVE-2020-24294MedAug 22, 2023
    risk 0.42cvss 6.5epss 0.01

    Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file.

  • CVE-2020-22524MedAug 22, 2023
    risk 0.42cvss 6.5epss 0.01

    Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM file.

  • CVE-2019-12213MedMay 20, 2019
    risk 0.42cvss 6.5epss 0.02

    When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.

  • CVE-2024-28579MedMar 20, 2024
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload() function when reading images in HDR format.

  • CVE-2024-28575MedMar 20, 2024
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_read_mct() function when reading images in J2K format.

  • CVE-2024-28574MedMar 20, 2024
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the opj_j2k_copy_default_tcp_and_create_tcd() function when reading images in J2K format.

  • CVE-2024-28573MedMar 20, 2024
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format.

  • CVE-2024-28572MedMar 20, 2024
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_SetTagValue() function when reading images in JPEG format.

  • CVE-2024-28568MedMar 20, 2024
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF format.