VDB

GCVE-VVD-MAGEIA-2020-19

GCVE-VVD-MAGEIA-2020-19
Advisory Published
Vulnetix · Advisory published January 11, 2020
The updated packages fix security vulnerabilities: When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow. (CVE-2019-12211) When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. (CVE-2019-12213)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageianextcloud-client0 (affected), 2.6.2-1.mga7 (unaffected)
Mageiafreeimage0 (affected), 3.18.0-2.mga7 (unaffected), 0 (affected), 3.18.0-2.mga7 (unaffected)

Aliases

CVE-2019-12211CVE-2019-12213

Transitive aliases

CNVD-2019-15547VVD-GENTOO-2019-701850BDU:2020-01975GSD-2019-12211EUVD-2019-3856GSD-2019-12213GHSA-v535-35pv-hpf9BDU:2020-01974GHSA-32gm-g888-8wvjEUVD-2019-3858

References

Updated freeimage packages fix security vulnerabilities
advisory
Updated freeimage packages fix security vulnerabilities
issue
Updated freeimage packages fix security vulnerabilities
issue
Updated freeimage packages fix security vulnerabilities
issue
nextcloud-client maintenance release
advisory
nextcloud-client maintenance release
issue
nextcloud-client maintenance release
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›