CVE-2024-9029

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-9029

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-9029.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-9029

Downstream

DEBIAN-CVE-2024-9029

UBUNTU-CVE-2024-9029

Published

2024-09-27T07:15:05Z

Modified

2026-04-10T05:20:08.424940Z

Summary

[none]

Details

A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the readiptcprofile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library, resulting in a denial of service.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2313704
https://sourceforge.net/p/freeimage/bugs/351/
https://bugzilla.redhat.com/show_bug.cgi?id=2313704
https://sourceforge.net/p/freeimage/bugs/351/

CVE-2024-9029

Affected packages