Autotrace Project: >> Autotrace >> 0.31.1 Security Vulnerabilities
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-02-11
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-02-11
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-tga.c:528:7.
CVSS Score
9.8
EPSS Score
0.005
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:538:33.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:559:29.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the ReadImage function in input-tga.c:620:27.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "negative-size-param" issue in the ReadImage function in input-tga.c:528:7.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:498:55.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:508:18.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-tga.c:192:19.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-05-23
Page 1