Lucene search
RedhatCVELIST:CVE-2020-25693HistoryDec 03, 2020 - 4:48 p.m.
CVE-2020-25693
2020-12-0316:48:26
CWE-190
redhat
www.cve.org
5
cimg
integer overflows
heap buffer overflows
load_pnm
specially crafted input file
application availability
data integrity
A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity.
CNA Affected
[
{
"product": "CImg",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "CImg versions before 2.9.3"
}
]
}
]References
bugzilla.redhat.com/show_bug.cgi?id=1893377
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERBZALTF7LXN2LZLPGAUSVMV53GHHTUC/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MJ5Q7NNUPXATTBUKHFKIYYAV5GJDYCZL/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZ3NPLYXZWEL7HETIFZVCXEZZ2WYYRWA/
Related
openvas
openvas
Fedora: Security Advisory for CImg (FEDORA-2021-ca1151e997)
2021-04-23 00:00:00
Fedora: Security Advisory for gmic (FEDORA-2021-2aaba884af)
2021-04-26 00:00:00
Mageia: Security Advisory (MGASA-2020-0443)
2022-01-28 00:00:00
osv
osv
cimg - security update
2020-11-23 00:00:00
CVE-2020-25693
2020-12-03 17:15:12
debian
debian
[SECURITY] [DLA 2462-1] cimg security update
2020-11-22 22:39:41
fedora
fedora
[SECURITY] Fedora 32 Update: gmic-2.9.7-1.fc32
2021-04-19 17:51:40
[SECURITY] Fedora 32 Update: CImg-2.9.7-1.fc32
2021-04-19 17:51:40
[SECURITY] Fedora 34 Update: CImg-2.9.7-1.fc34
2021-04-26 00:27:03
ubuntucve
ubuntucve
CVE-2020-25693
2020-12-03 00:00:00
cve
cve
CVE-2020-25693
2020-12-03 17:15:12
nvd
nvd
CVE-2020-25693
2020-12-03 17:15:12
archlinux
archlinux
[ASA-202012-2] cimg: arbitrary code execution
2020-12-05 00:00:00
prion
prion
Integer overflow
2020-12-03 17:15:00
redhatcve
redhatcve
CVE-2020-25693
2022-05-20 22:42:32
nessus
nessus
Debian DLA-2462-1 : cimg security update
2020-11-23 00:00:00
debiancve
debiancve
CVE-2020-25693
2020-12-03 17:15:12
mageia
mageia
Updated cimg packages fix a security vulnerability
2020-12-03 12:54:38
gitlab
gitlab
Out-of-bounds Write
2020-12-03 00:00:00