CVE-2020-25693

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A flaw was found in CImg in versions prior to 2.9.3. A specially crafted input file processed by CImg can trigger integer overflows in load_pnm() that lead to heap buffer overflows, which can affect application availability or data integrity.
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1318 | cimg | 2.9.2-1 | 2.9.4-1 | Medium | Fixed | |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 05 Dec 2020 | ASA-202012-2 | AVG-1318 | cimg | Medium | arbitrary code execution |
References
https://github.com/dtschump/CImg/pull/295
https://github.com/dtschump/CImg/commit/7db6d08355d09414d407e26aac10bb5825343e3a