Vendor
Potrace Project
Products
1
CVEs
11
Across products
11
Status
Private
Products
1- 11 CVEs
Recent CVEs
11| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-7263 | Hig | 0.51 | 7.8 | 0.00 | Mar 26, 2017 | The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698. | |
| CVE-2016-8703 | Hig | 0.51 | 7.8 | 0.01 | Jan 31, 2017 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702. | |
| CVE-2016-8702 | Hig | 0.51 | 7.8 | 0.01 | Jan 31, 2017 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703. | |
| CVE-2016-8701 | Hig | 0.51 | 7.8 | 0.01 | Jan 31, 2017 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703. | |
| CVE-2016-8686 | Hig | 0.51 | 7.8 | 0.00 | Jan 31, 2017 | The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. | |
| CVE-2017-12067 | Hig | 0.49 | 7.5 | 0.00 | Aug 1, 2017 | Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. | |
| CVE-2016-8697 | Med | 0.36 | 5.5 | 0.00 | Jan 31, 2017 | The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. | |
| CVE-2016-8696 | Med | 0.36 | 5.5 | 0.00 | Jan 31, 2017 | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695. | |
| CVE-2016-8695 | Med | 0.36 | 5.5 | 0.00 | Jan 31, 2017 | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696. | |
| CVE-2016-8694 | Med | 0.36 | 5.5 | 0.00 | Jan 31, 2017 | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696. | |
| CVE-2016-8685 | Med | 0.36 | 5.5 | 0.00 | Jan 31, 2017 | The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image. |