CVE-2016-8686

Опубликовано: 31 янв. 2017

Источник: debian

EPSS Низкий

Описание

The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
potrace	fixed	1.14-1		package
potrace	no-dsa		stretch	package
potrace	no-dsa		jessie	package
potrace	no-dsa		wheezy	package

Примечания

https://blogs.gentoo.org/ago/2016/08/29/potrace-memory-allocation-failure
http://potrace.sourceforge.net/ChangeLog claims that it's fixed in 1.14
but see https://lists.debian.org/debian-lts/2017/05/msg00032.html

EPSS

Процентиль: 56%

0.00338

Низкий

Связанные уязвимости

CVE-2016-8686

CVSS3: 7.8

ubuntu

около 9 лет назад

The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

CVE-2016-8686

CVSS3: 7.8

nvd

около 9 лет назад

The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

GHSA-v6c4-vvwp-v6xh

CVSS3: 7.8

github

больше 3 лет назад

The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

openSUSE-SU-2017:0648-1

suse-cvrf

почти 9 лет назад

Security update for potrace

EPSS

Процентиль: 56%

0.00338

Низкий