oss-sec mailing list archives
Re: Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow
From: Michael Knap <oss-sec () mknap com>
Date: Thu, 11 Apr 2024 09:02:25 +0000
-------- Original Message -------- On 11/04/2024 09:22, Tianyu Chen wrote:
Hi Michael, I believe there may be a duplicate report for freeimage that you should be aware of. You can find it at the following link:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
The linked report includes CVE-2024-28562, CVE-2024-28563, CVE-2024-28564, CVE-2024-28565, and more up to CVE-2024-28584.
Best regards, Tianyu Chen
Hi Tianyu, Indeed, it seems so! I apologize for any inconvenience this may have caused. I conducted a search on MITRE for the library and found several current CVEs, but I did not come across this specific report. Given that they are fairly recent, there might have been a period during which they were not yet visible in public searches. Thank you for bringing this to my attention! Best regards, Michael Knap
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow Michael Knap (Apr 09)
- <Possible follow-ups>
- Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow Tianyu Chen (Apr 11)
- Re: Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow Michael Knap (Apr 11)
- Re: Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow Michael Knap (Apr 11)
- Re: Re: CWE-121, CWE-122: libfreeimage 3.40-3.18/19+ buffer overflow Michael Knap (Apr 11)