CVE-2020-21428

Name of the Vulnerable Software and Affected Versions FreeImage version 3.18.0

Description The issue allows remote attackers to run arbitrary code and cause other impacts via a crafted image file, exploiting a Buffer Overflow vulnerability in the LoadRGB function in PluginDDS.cpp.

Recommendations For FreeImage version 3.18.0, consider disabling the LoadRGB function in PluginDDS.cpp as a temporary workaround until a patch is available. Restrict access to processing crafted image files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.