Autotrace
CVEs (55)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9177 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the ReadImage function in input-bmp.c:390:12. |
| CVE-2017-9176 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:370:25. |
| CVE-2017-9175 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c:353:25. |
| CVE-2017-9174 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:21:23. |
| CVE-2017-9159 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_rawpbm function in input-pnm.c:391:15. |
| CVE-2017-9158 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_raw function in input-pnm.c:336:11. |
| CVE-2017-9157 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:306:14. |
| CVE-2017-9156 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12. |
| CVE-2017-9155 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3. |
| CVE-2017-9154 | | Hig | 0.49 | 7.5 | 0.02 | | May 23, 2017 | libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11. |
| CVE-2016-7392 | | Med | 0.36 | 5.5 | 0.02 | | Feb 15, 2017 | Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file. |
| CVE-2022-32323 | | | 0.00 | — | 0.01 | | Jul 14, 2022 | AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. |
| CVE-2019-19005 | | | 0.00 | — | 0.01 | | Feb 11, 2021 | A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182. |
| CVE-2019-19004 | | | 0.00 | — | 0.01 | | Feb 11, 2021 | A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. |
| CVE-2013-1953 | | | 0.00 | — | 0.02 | | Dec 9, 2013 | Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the header of a BMP file, which triggers a buffer overflow. |
Page 3 of 3