VYPR

rpm package

almalinux/autotrace

pkg:rpm/almalinux/autotrace

Vulnerabilities (3)

  • CVE-2022-32323Jul 14, 2022
    affected < 0.31.1-65.el9fixed 0.31.1-65.el9

    AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

  • CVE-2019-19005Feb 11, 2021
    affected < 0.31.1-53.el8fixed 0.31.1-53.el8

    A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.

  • CVE-2019-19004Feb 11, 2021
    affected < 0.31.1-53.el8fixed 0.31.1-53.el8

    A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.