Fluid Attacks Database

Description

The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libimager-perl	>=0 <1.025+dfsg-1	1.025+dfsg-1
debian 11	libimager-perl	=1.012+dfsg-1 \|\| =1.012+dfsg-2 \|\| =1.015+dfsg-1 \|\| =1.016+dfsg-1 \|\| =1.018+dfsg-1 \|\| =1.019+dfsg-1 \|\| =1.019+dfsg-2 \|\| =1.020+dfsg-1 \|\| =1.022+dfsg-1 \|\| =1.023+dfsg-1 \|\| =1.024+dfsg-1 \|\| =1.024+dfsg-2 \|\| =1.025+dfsg-1 \|\| =1.027+dfsg-1 \|\| =1.028+dfsg-1 \|\| =1.029+dfsg-1 \|\| =1.030+dfsg-1	-
debian 12	libimager-perl	=1.019+dfsg-1 \|\| =1.019+dfsg-2 \|\| =1.020+dfsg-1 \|\| =1.022+dfsg-1 \|\| =1.023+dfsg-1 \|\| =1.024+dfsg-1 \|\| =1.024+dfsg-2 \|\| =1.025+dfsg-1 \|\| =1.027+dfsg-1 \|\| =1.028+dfsg-1 \|\| =1.029+dfsg-1 \|\| =1.030+dfsg-1	-
debian 13	libimager-perl	>=0 <1.025+dfsg-1	1.025+dfsg-1

Aliases

1. CVE-2024-539012. NVD-2024-539013. OSV-DEBIAN-2024-539014. OSV-2024-539015. SECURITY-TRACKER-CVE-2024-53901

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.