CVE-2024-26540 | GreycLab Clmg up to 3.3.2 File _load_analyze heap-based overflow

Posted by Angelo Barbosa | Mar 15, 2024 | CVE

A vulnerability, which was classified as critical, was found in GreycLab Clmg up to 3.3.2. This affects the function cimg_library::CImg::_load_analyze of the component File Handler. The manipulation leads to heap-based buffer overflow.

This vulnerability is uniquely identified as CVE-2024-26540. Access to the local network is required for this attack to succeed. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-26540 | GreycLab Clmg up to 3.3.2 File _load_analyze heap-based overflow

Related Posts

CVE-2024-5290 | Canonical wpa_supplicant uncontrolled search path

CVE-2021-47492 | Linux Kernel up to 5.10.76/5.14.15 thp collapse_file denial of service (69a7fa5cb0de/5e669d8ab30a/74c42e1baacf)

CVE-2021-47433 | Linux Kernel up to 5.10.74/5.14.13 btrfs_replace_file_extents injection (0e32a2b85c7d/0e309e1152fc/4afb912f439c)

CVE-2024-23621 | IBM Merge Healthcare eFilm Workstation up to 4.2 buffer overflow