CVE-2020-21428

HIGH7.8EPSS 0.06%

Published: 8/22/2023Modified: 4/28/2026

Also known as:DEBIAN-CVE-2020-21428

Description

Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

Affected packages (1)

Debian/freeimagefrom 0, < 3.18.0+ds2-6+deb11u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.8	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2020-21428