CVE-2022-4988— Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-4988
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries
Source: NVD (National Vulnerability Database)
Vulnerability Description
Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The library embeds other images libraries that also have known vulnerabilities.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1395
Source: NVD (National Vulnerability Database)
Vulnerability Title
alien-freeimage 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
alien-freeimage是kmx个人开发者的一个构建并安装FreeImage库的开发文件辅助模块。 alien-freeimage 1.001及之前版本存在安全漏洞,该漏洞源于包含多个存在已知漏洞的库,如FreeImage 3.17.0版本及嵌入的其他图像库。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| KMX | Alien::FreeImage | 0 ~ 1.001 | - |
II. Public POCs for CVE-2022-4988
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-4988
请登录查看更多情报信息。
- https://github.com/kmx/alien-freeimage/issues/5issue-tracking
- https://nvd.nist.gov/vuln/detail/CVE-2025-65803vendor-advisory
- https://github.com/kmx/alien-freeimage/issues/4issue-tracking
- https://nvd.nist.gov/vuln/detail/CVE-2015-0852vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-4988
IV. Related Vulnerabilities
Same weakness: CWE-1395
- CVE-2025-11159
Hitachi Vantara Pentaho Data Integration & Analytics - Depen - CVE-2026-34652
Adobe Commerce | Dependency on Vulnerable Third-Party Compon - CVE-2026-34654
Adobe Commerce | Dependency on Vulnerable Third-Party Compon - CVE-2025-59851
HCL DFXAnalytics is affected by an Insecure Security Header - CVE-2025-15638
Net::Dropbear versions before 0.14 for Perl contains a vulne
V. Comments for CVE-2022-4988
No comments yet