Aggregates CVE and security vulnerability intelligence across all flif-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk memory corruption and vendor risk buffer overflow, with potential vendor impact memory corruption and vendor impact application crash across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-14232 | The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file. | [email protected] | 5.5 | 1.16% | 2019-08-15 | 2024-11-21 |
| CVE-2019-14373 | An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a heap-based buffer over-read in libpng via a crafted flif file. | [email protected] | 7.8 | 0.97% | 2019-07-28 | 2024-11-21 |
| CVE-2018-14876 | An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng error concerning the IHDR image width. | [email protected] | 5.5 | 0.87% | 2018-08-03 | 2024-11-21 |
| CVE-2018-12109 | An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PAM image file. | [email protected] | 7.8 | 1.36% | 2018-06-11 | 2024-11-21 |
| CVE-2018-11507 | An issue was discovered in Free Lossless Image Format (FLIF) 0.3. An attacker can trigger a long loop in image_load_pnm in image/image-pnm.cpp. | [email protected] | 6.5 | 1.15% | 2018-05-28 | 2024-11-21 |
| CVE-2018-10972 | An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted file. | [email protected] | 7.8 | 1.30% | 2018-05-10 | 2024-11-21 |
| CVE-2018-10971 | An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The Plane function in image/image.hpp allows remote attackers to cause a denial of service (attempted excessive memory allocation) via a crafted file. | [email protected] | 5.5 | 1.11% | 2018-05-10 | 2024-11-21 |