Heap Out-of-Bounds Read in Imager for Perl Before Version 1.032
CVE-2026-13705
Currently unrated
What is CVE-2026-13705?
The Imager module for Perl, specifically versions prior to 1.032, is susceptible to a heap out-of-bounds read vulnerability caused by improper handling of 16-bit RLE literal runs in the read_rgb_16_rle function. A pixel count mismatch may allow crafted SGI images to trigger a buffer over-read, potentially leading to program crashes. This occurs when the parser attempts to process malformed images, creating a risk in applications relying on this image processing library.
Affected Version(s)
Imager 0 < 1.032
