Potrace Project Potrace — known CVE vulnerabilities
Every CVE whose affected-product data names Potrace Project Potrace, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2017-7263 — CVSS 7.8 (high): The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2016-8686 — CVSS 7.8 (high): The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a…
CVE-2016-8698 — CVSS 7.8 (high): Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have…
CVE-2016-8699 — CVSS 7.8 (high): Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have…
CVE-2016-8700 — CVSS 7.8 (high): Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have…
CVE-2016-8701 — CVSS 7.8 (high): Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have…
CVE-2016-8702 — CVSS 7.8 (high): Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have…
CVE-2016-8703 — CVSS 7.8 (high): Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have…
CVE-2017-12067 — CVSS 7.5 (high): Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.
CVE-2016-8694 — CVSS 5.5 (medium): The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer…
CVE-2016-8695 — CVSS 5.5 (medium): The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer…
CVE-2016-8696 — CVSS 5.5 (medium): The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer…
CVE-2016-8697 — CVSS 5.5 (medium): The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and…
CVE-2016-8685 — CVSS 5.5 (medium): The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash)…