Vulnerability Details CVE-2018-10972
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
Products affected by CVE-2018-10972
-
cpe:2.3:a:flif:free_lossless_image_format:0.3