CVE-2023-47995

Опубликовано: 09 янв. 2024

Источник: debian

EPSS Низкий

Описание

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

Пакеты

Пакет	Статус	Релиз	Тип
freeimage	unfixed		package
freeimage	postponed	trixie	package
freeimage	postponed	bookworm	package
freeimage	postponed	bullseye	package

Примечания

https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47995
Patch in Fedora (not upstream'ed): https://src.fedoraproject.org/rpms/freeimage/blob/f39/f/CVE-2023-47995.patch
https://sourceforge.net/p/freeimage/bugs/360/

EPSS

Процентиль: 33%

0.00132

Низкий

Связанные уязвимости

CVE-2023-47995

CVSS3: 6.5

ubuntu

около 2 лет назад

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

CVE-2023-47995

CVSS3: 6.5

nvd

около 2 лет назад

Memory Allocation with Excessive Size Value discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

GHSA-6jfr-j7mc-g8fg

CVSS3: 6.5

github

около 2 лет назад

Buffer Overflow vulnerability in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 allows attackers to cause a denial of service.

EPSS

Процентиль: 33%

0.00132

Низкий