CVE-2021-40266

Name of the Vulnerable Software and Affected Versions FreeImage versions prior to 1.18.0

Description The issue is related to a null pointer dereference in the ReadPalette function located in PluginTIFF.cpp. This function is part of the FreeImage library, which is used for image processing. The null pointer dereference could potentially lead to crashes or other unintended behavior when handling certain TIFF images.

Recommendations For versions prior to 1.18.0, update to version 1.18.0 or later to resolve the issue. As a temporary workaround, consider disabling the use of the ReadPalette function in PluginTIFF.cpp until a patch is available.