CVE-2022-32323

AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.3 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
autotrace_projectautotrace
0.40.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
autotrace
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
impish
dne
focal
dne
bionic
dne
xenial
needed
trusty
needed
Common Weakness Enumeration
References
https://github.com/autotrace/autotrace/commit/2b44c173027736c64b3f379bd154c41bab745423
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CZVCQH4L7KC5GXLU6SCESXR5TGSKQ2H/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKZPC4WCDOJ7BPJOMZ46AV27RCABZRYA/
https://github.com/autotrace/autotrace/commit/2b44c173027736c64b3f379bd154c41bab745423
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4CZVCQH4L7KC5GXLU6SCESXR5TGSKQ2H/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKZPC4WCDOJ7BPJOMZ46AV27RCABZRYA/