First published: Thu May 10 2018(Updated: )
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The Plane function in image/image.hpp allows remote attackers to cause a denial of service (attempted excessive memory allocation) via a crafted file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Flif Flif | =0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2018-10971.
The severity of CVE-2018-10971 is medium, with a severity value of 5.5.
CVE-2018-10971 affects the Free Lossless Image Format (FLIF) version 0.3 by allowing remote attackers to cause a denial of service (attempted excessive memory allocation) via a crafted file.
The Common Weakness Enumeration (CWE) ID for this vulnerability is CWE-770.
To mitigate CVE-2018-10971, it is recommended to upgrade to a fixed version of FLIF that does not contain this vulnerability.