VDB
CVE-2024-26540
CVE-2024-26540
PUBLISHED
CVSS 7.800000190734863 HIGH
A heap-based buffer overflow in Clmg before 3.3.3 can occur via a crafted file to cimg_library::CImg<unsigned char>::_load_analyze.
EPSS 0.11% · 29.6th percentile
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.11%
29.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| cimg | cimg | 0 |
| clmg_project | clmg | 0 |
Exploit Intelligence
- https://github.com/GreycLab/CImg/issues/403 (nist-nvd)
Timeline
- Mar 15, 2024 CVE Published
- Mar 15, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- May 6, 2024 EPSS Score
- Jun 1, 2024 EPSS Score
- Jun 27, 2024 EPSS Score
- Jul 23, 2024 EPSS Score
- Aug 18, 2024 EPSS Score
- Aug 27, 2024 CVE Updated
- Sep 13, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 9, 2024 EPSS Score