Freeimage · Freeimage · CVE-2024-31570
**Name of the Vulnerable Software and Affected Versions**
FreeImage versions 3.4.0 through 3.18.0
**Description**
A stack-based buffer overflow exists in the Load function of PluginXPM.cpp in the libfreeimage library. It is triggered via an XPM file.
**Recommendations**
For versions 3.4.0 through 3.18.0, consider disabling the Load function in PluginXPM.cpp to prevent exploitation until a patch is available. Restrict access to XPM files to minimize the risk of triggering the buffer overflow.
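One way to apply the second recommendation in an application that links libfreeimage is a gate that refuses XPM input before any FreeImage load call is made. This is an added example, not FreeImage code: the function names and the 256-byte scan window are assumptions, and it identifies XPM input by the `.xpm` extension or the `/* XPM */` header comment that XPM files conventionally start with.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define XPM_MAGIC "/* XPM */"
#define XPM_SCAN_WINDOW 256 /* assumption: how far into the data to search */

/* Case-insensitive match on a trailing ".xpm" extension (hypothetical helper). */
static int has_xpm_extension(const char *name) {
    const char *dot = name ? strrchr(name, '.') : NULL;
    const char *ext = "xpm";
    size_t i;
    if (!dot || strlen(dot + 1) != 3) return 0;
    for (i = 0; i < 3; i++)
        if (tolower((unsigned char)dot[1 + i]) != ext[i]) return 0;
    return 1;
}

/* Search the leading bytes for the XPM header comment (hypothetical helper). */
static int has_xpm_magic(const unsigned char *buf, size_t len) {
    const size_t mlen = sizeof(XPM_MAGIC) - 1;
    size_t limit = len < XPM_SCAN_WINDOW ? len : XPM_SCAN_WINDOW;
    size_t i;
    if (!buf || limit < mlen) return 0;
    for (i = 0; i + mlen <= limit; i++)
        if (memcmp(buf + i, XPM_MAGIC, mlen) == 0) return 1;
    return 0;
}

/* Returns 1 if the input must not be handed to the image loader, 0 otherwise. */
int reject_xpm_input(const char *name, const unsigned char *buf, size_t len) {
    return has_xpm_extension(name) || has_xpm_magic(buf, len);
}

int main(void) {
    /* Constructed samples, not taken from any real file. */
    const unsigned char xpm[] = "/* XPM */\nstatic char *x[] = {";
    const unsigned char png[] = "\x89PNG\r\n\x1a\n";
    int ok = reject_xpm_input("upload.png", xpm, sizeof(xpm) - 1) == 1
          && reject_xpm_input("photo.png", png, sizeof(png) - 1) == 0;
    return ok ? 0 : 1;
}
```

The content check matters because a renamed file still carries the XPM header; the extension check covers callers that choose the decoder from the filename.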