CVE-2024-53901

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-53901
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53901.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53901
Downstream
Published
2024-11-24T17:15:04.990Z
Modified
2026-03-14T01:59:00.293666Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

References

Affected packages

Git / github.com/tonycoz/imager

Affected ranges

Type
GIT
Repo
https://github.com/tonycoz/imager
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a98aabc78c74d61f1db25d0f1c1e9a2b14eb5f40
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.025"
        }
    ]
}

Affected versions

Imager-0.*
Imager-0.49
Imager-0.51_01
Imager-0.51_02
Imager-0.52
Imager-0.53
Imager-0.55
Imager-0.58
Imager-0.59
Imager-0.60
Imager-0.61
Imager-0.63
Imager-0.65
Imager-0.71
Imager-0.72
Imager-0.75
Imager-0.76
Imager-0.77
Imager-0.78
Imager-0.79
Imager-0.80
Imager-0.81
Imager-0.82
Other
Imager-0_38
Imager-0_38pre9
v0.*
v0.82_01
v0.83
v0.84
v0.84_01
v0.84_02
v0.85
v0.85_01
v0.85_02
v0.86
v0.87
v0.88
v0.89
v0.90
v0.91
v0.92
v0.93
v0.94
v0.94_01
v0.94_02
v0.95
v0.96
v0.96_01
v0.96_02
v0.97
v0.98
v0.99
v0.99_01
v0.99_02
v1.*
v1.000
v1.001
v1.002
v1.003
v1.004
v1.004_001
v1.004_002
v1.004_003
v1.004_004
v1.005
v1.006
v1.007
v1.008
v1.009
v1.010
v1.011
v1.012
v1.013
v1.014
v1.015
v1.016
v1.017
v1.018
v1.019
v1.020
v1.021
v1.022
v1.023
v1.024

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53901.json"