Download
| Alert*
oval:org.secpod.oval:def:603810
cimg-dev is installed oval:org.secpod.oval:def:605211 cimg-dev is installed oval:org.secpod.oval:def:70143 cimg - C++ template image processing toolkit. Several security issues were fixed in CImg. oval:org.secpod.oval:def:2004692 CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done on the url. The fixed ve ... oval:org.secpod.oval:def:1902048 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image. oval:org.secpod.oval:def:2001334 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 colors" case, aka case 4. oval:org.secpod.oval:def:2000066 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "32 bits colors" case, aka case 32. oval:org.secpod.oval:def:1902049 An issue was discovered in CImg v.220. A double free in load_bmp in CImg.h occurs when loading a crafted bmp image. oval:org.secpod.oval:def:2000284 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "256 colors" case, aka case 8. oval:org.secpod.oval:def:2000557 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a Monochrome case, aka case 1. oval:org.secpod.oval:def:2000358 An issue was discovered in CImg v.220. A double free in load_bmp in CImg.h occurs when loading a crafted bmp image. oval:org.secpod.oval:def:2000545 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 bits colors" case, aka case 16. oval:org.secpod.oval:def:2000542 An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image. oval:org.secpod.oval:def:1902047 An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h. oval:org.secpod.oval:def:2001070 An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h. |