Aggregates CVE and security vulnerability intelligence across all chafa_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-2301 | Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. | [email protected] | 5.5 | 0.26% | 2022-07-04 | 2024-11-21 |
| CVE-2022-2061 | Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. | [email protected] | 3.3 | 0.13% | 2022-06-13 | 2024-11-21 |
| CVE-2022-1507 | chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file. | [email protected] | 5.5 | 0.32% | 2022-04-27 | 2024-11-21 |