How severe is CVE-2019-19004?

CVE-2019-19004 has a CVSS v3 score of 3.3 (LOW).

CVE-2019-19004

Name: fedora
Author: fedoraproject

3.3LOW

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

Publicado: 2/11/2021Actualizado: 11/21/2024

Descripción

A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.

Análisis IAImpulsado por IA

Productos Afectados

autotrace_projectautotrace

0.31.1

fedoraprojectfedora

Referencias

https://github.com/autotrace/autotrace/commits/master
PatchThird Party Advisory
https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c
PatchThird Party Advisory
https://github.com/autotrace/autotrace/pull/40
PatchThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/
https://github.com/autotrace/autotrace/commits/master
PatchThird Party Advisory
https://github.com/autotrace/autotrace/commits/master/src/input-bmp.c
PatchThird Party Advisory
https://github.com/autotrace/autotrace/pull/40
PatchThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NC6MUH2RLVEA634LHBNZ2KO7MQKI2RDZ/