Lucene search
RedhatCVELIST:CVE-2022-1325HistoryAug 31, 2022 - 3:33 p.m.
CVE-2022-1325
2022-08-3115:33:00
CWE-400
redhat
www.cve.org
2
clmg
allocation flaw
buffer sizes
malicious image files
EPSS
0.001
Percentile
46.8%
A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer.
CNA Affected
[
{
"product": "Clmg",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in v3.1.0"
}
]
}
]Related
osv
osv
CVE-2022-1325
2022-08-31 16:15:09
nvd
nvd
CVE-2022-1325
2022-08-31 16:15:09
debiancve
debiancve
CVE-2022-1325
2022-08-31 16:15:09
gitlab
gitlab
Allocation of Resources Without Limits or Throttling
2022-08-31 00:00:00
ubuntucve
ubuntucve
CVE-2022-1325
2022-08-31 00:00:00
huntr
huntr
unchecked size in _load_bmp leads to RAM exhaustion in version 3.10
2022-03-25 00:16:31
cve
cve
CVE-2022-1325
2022-08-31 16:15:09
prion
prion
Buffer overflow
2022-08-31 16:15:00