David Tschumperlé

2 exploits Active since Jul 2019
CVE-2019-13568 WRITEUP HIGH
CImg < 2.6.7 - Heap-Based Buffer Overflow in BMP Image Loading
CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image.
CVSS 8.8
CVE-2026-42146 WRITEUP MEDIUM
CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp
CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nb_colors value triggers an out-of-memory condition, crashing any application that uses CImg to load untrusted BMP files. This issue has been patched via commit c3aacf5.
CVSS 5.5