A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25693
Reference (s):
- FEDORA:FEDORA-2021-2aaba884af
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERBZALTF7LXN2LZLPGAUSVMV53GHHTUC/
- FEDORA:FEDORA-2021-bc6585e31a
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QZ3NPLYXZWEL7HETIFZVCXEZZ2WYYRWA/
- FEDORA:FEDORA-2021-ca1151e997