CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19004

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.1%

CVSS Severity

CVSS v3 Score 3.3

CVSS v2 Score 4.3

References

https://github.com/autotrace/autotrace/commits/master
https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c
https://github.com/autotrace/autotrace/pull/40
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/
https://github.com/autotrace/autotrace/commits/master
https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c
https://github.com/autotrace/autotrace/pull/40
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/

Products affected by CVE-2019-19004

Autotrace Project » Autotrace » Version: 0.31.1

cpe:2.3:a:autotrace_project:autotrace:0.31.1
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19004

Products

Pricing

Contact Us