PT-2020-5732 · David Tschumperle · CImg

Published: 2020-10-22 · Updated: 2021-05-05 · CVE-2020-25693

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions: CImg versions prior to 2.9.3
Description: A flaw in CImg can be triggered by a specially crafted input file, leading to integer overflows and heap buffer overflows in the load_pnm() function. This can impact application availability or data integrity. A remote attacker can exploit the issue with a specially crafted file, potentially affecting the confidentiality, integrity, and availability of protected information.
Recommendations: For versions prior to 2.9.3, update to version 2.9.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the load_pnm() function until a patch is available. Avoid loading input files from untrusted sources, since they may be specially crafted to trigger the integer overflows and heap buffer overflows.
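
The bug class described above, shown as an added example that is not CImg's code or the 2.9.3 fix: a 32-bit size computed from PNM header dimensions wraps, and an overflow-checked validator rejects the same header before any allocation. The function names, the pixel cap and the sample header are assumptions made for illustration; the advisory does not state which expression in load_pnm() overflows.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy cap on pixel count (2^28); not a CImg constant. */
#define MAX_PIXELS ((uint64_t)1 << 28)

/* A 32-bit size computation wraps silently: 65536 * 65536 * 3 == 0. */
uint32_t naive_size32(uint32_t w, uint32_t h, uint32_t channels) {
    return w * h * channels;
}

/* Overflow-checked byte count. Returns 0 and sets *out, or -1 to reject. */
int checked_size(uint64_t w, uint64_t h, uint64_t channels, uint64_t bps, size_t *out) {
    if (w == 0 || h == 0 || channels == 0 || channels > 4) return -1;
    if (bps == 0 || bps > 2) return -1;
    if (w > MAX_PIXELS / h) return -1;       /* divide instead of multiplying */
    uint64_t bytes = w * h * channels * bps; /* at most 2^31, fits in 64 bits */
    if (bytes > SIZE_MAX) return -1;
    *out = (size_t)bytes;
    return 0;
}

/* Validate a binary PGM/PPM header (no comment lines) in a NUL-terminated
   buffer of len bytes. On success *need is the pixel data size in bytes. */
int pnm_validate(const char *buf, size_t len, size_t *need) {
    unsigned long long w, h, maxval;
    int kind, off = 0;
    if (sscanf(buf, "P%d %llu %llu %llu%n", &kind, &w, &h, &maxval, &off) != 4) return -1;
    if (kind != 5 && kind != 6) return -1;
    if (maxval == 0 || maxval > 65535) return -1;
    if (checked_size(w, h, kind == 6 ? 3 : 1, maxval < 256 ? 1 : 2, need) != 0) return -1;
    size_t data_off = (size_t)off + 1;       /* one whitespace byte ends the header */
    if (len < data_off || *need > len - data_off) return -1;  /* truncated file */
    return 0;
}

int main(void) {
    static const char hostile[] = "P6\n65536 65536\n255\n";  /* constructed sample */
    size_t need = 0;
    printf("naive 32-bit size: %u\n", (unsigned)naive_size32(65536u, 65536u, 3u));
    printf("validated: %d\n", pnm_validate(hostile, sizeof hostile - 1, &need));
    return 0;
}
```

Checking the declared size against the bytes actually present also rejects headers that are within the cap but promise more pixel data than the file contains.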

Exploit

Fix

Integer Overflow

Heap Based Buffer Overflow

Memory Corruption


Weakness Enumeration

Related Identifiers

BDU:2021-01646
CVE-2020-25693
DLA-2462-1
MGASA-2020-0443

Affected Products

CImg