What the vulnerability does

01Description

A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity.

Key dates

02Disclosure timeline

December 3, 2020 CVE published
August 4, 2024 Record updated