CVE-2024-26540

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26540
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26540.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26540
Related
Published
2024-03-15T01:15:58Z
Modified
2024-10-12T11:20:55.122356Z
Summary
[none]
Details

A heap-based buffer overflow in CImg before 3.3.3 can occur via a crafted file to cimg_library::CImg<unsigned char>::load_analyze.

References

Affected packages

Debian:11 / cimg

Package

Name
cimg
Purl
pkg:deb/debian/cimg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.9.4+dfsg-2
2.9.4+dfsg-3

3.*

3.0.2+dfsg-1
3.1.6+dfsg-1
3.1.6+dfsg-2
3.1.6+dfsg-3
3.1.6+dfsg-4
3.1.6+dfsg-5
3.1.6+dfsg-6
3.2.0+dfsg-1
3.2.1+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / cimg

Package

Name
cimg
Purl
pkg:deb/debian/cimg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2.1+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/greyclab/cimg

Affected ranges

Type
GIT
Repo
https://github.com/greyclab/cimg
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v.*

v.2.3.0
v.2.3.1
v.2.3.2
v.2.3.3
v.2.3.4
v.2.3.5
v.2.3.6
v.2.4.0
v.2.4.1
v.2.4.2
v.2.4.3
v.2.4.4
v.2.4.5
v.2.5.0
v.2.5.1
v.2.5.2
v.2.5.3
v.2.5.4
v.2.5.5
v.2.5.6
v.2.5.7
v.2.6.0
v.2.6.1
v.2.6.2
v.2.6.3
v.2.6.4
v.2.6.5
v.2.6.6
v.2.6.7
v.2.7.0
v.2.7.1
v.2.7.2
v.2.7.3
v.2.7.4
v.2.7.5
v.2.8.0
v.2.8.1
v.2.8.2
v.2.8.3
v.2.8.4
v.2.9.0
v.2.9.1
v.2.9.2
v.2.9.3
v.2.9.4
v.2.9.5
v.2.9.6
v.2.9.7
v.2.9.8
v.2.9.9
v.3.0.0
v.3.0.1
v.3.0.2
v.3.1.0
v.3.1.1
v.3.1.2
v.3.1.3
v.3.1.4
v.3.1.6
v.3.2.0
v.3.2.1
v.3.2.2
v.3.2.3
v.3.2.4
v.3.2.5
v.3.2.6
v.3.3.0
v.3.3.1
v.3.3.2