Home

Description

Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The library embeds other images libraries that also have known vulnerabilities.

PUBLISHED Reserved 2026-05-08 | Published 2026-05-11 | Updated 2026-05-11 | Assigner CPANSec

Problem types

CWE-1395 Dependency on Vulnerable Third-Party Component

Product status

Default status
unaffected

Any version
affected

Timeline

2017-07-11:Alien::FreeImage released with FreeImage 3.17.0
2022-06-29:Issues added to git repository regarding security vulnerabilities
2022-06-29:Several issues added to CPANSA::DB
2026-03-27:Issues logged with CPANSec

References

freeimage.sourceforge.io/

metacpan.org/.../KMX/Alien-FreeImage-1.001/source/src/Source

nvd.nist.gov/vuln/detail/CVE-2015-0852 vendor-advisory

nvd.nist.gov/vuln/detail/CVE-2025-65803 vendor-advisory

github.com/kmx/alien-freeimage/issues/4 issue-tracking

github.com/kmx/alien-freeimage/issues/5 issue-tracking

cve.org (CVE-2022-4988)

nvd.nist.gov (CVE-2022-4988)

Download JSON