Potrace Project: >> Potrace >> 1.14 Security Vulnerabilities
Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.
CVSS Score
7.5
EPSS Score
0.003
Published
2017-08-01
The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-03-26