Vulnerability Details CVE-2024-28584
Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.5%
CVSS Severity
CVSS v3 Score 3.3
References
- http://www.openwall.com/lists/oss-security/2024/04/11/10
- http://www.openwall.com/lists/oss-security/2024/04/11/2
- http://www.openwall.com/lists/oss-security/2024/04/11/3
- https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
- http://www.openwall.com/lists/oss-security/2024/04/11/10
- http://www.openwall.com/lists/oss-security/2024/04/11/2
- http://www.openwall.com/lists/oss-security/2024/04/11/3
- https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
Products affected by CVE-2024-28584
-
cpe:2.3:a:freeimage_project:freeimage:3.19.0