Gnu: >> Libextractor >> 1.4 Security Vulnerabilities
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
CVSS Score
6.5
EPSS Score
0.011
Published
2019-08-23
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-12-24
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-12-24
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
CVSS Score
8.8
EPSS Score
0.02
Published
2018-09-04
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
CVSS Score
8.8
EPSS Score
0.005
Published
2018-07-17
GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).
CVSS Score
6.5
EPSS Score
0.004
Published
2018-07-17
In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-10-26
In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.
CVSS Score
7.5
EPSS Score
0.017
Published
2017-10-18
In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-10-18
In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.
CVSS Score
7.5
EPSS Score
0.004
Published
2017-10-18
Page 1