Aggregates CVE and security vulnerability intelligence across all potrace_project-related products, including CVSS, EPSS, publication dates, and related data.
Historical issues mainly involve buffer overflows, memory corruption, and related security problems, affecting production workloads and software deployment scenarios.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-12067 | Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. | [email protected] | 7.5 | 0.33% | 2017-08-01 | 2026-05-13 |
| CVE-2017-7263 | The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698. | [email protected] | 7.8 | 0.35% | 2017-03-26 | 2026-05-13 |
| CVE-2016-8703 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702. | [email protected] | 7.8 | 0.56% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8702 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703. | [email protected] | 7.8 | 0.56% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8701 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703. | [email protected] | 7.8 | 0.56% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8700 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. | [email protected] | 7.8 | 0.56% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8699 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. | [email protected] | 7.8 | 0.56% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8698 | Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703. | [email protected] | 7.8 | 0.65% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8697 | The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image. | [email protected] | 5.5 | 0.24% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8696 | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695. | [email protected] | 5.5 | 0.33% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8695 | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696. | [email protected] | 5.5 | 0.28% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8694 | The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696. | [email protected] | 5.5 | 0.28% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8686 | The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. | [email protected] | 7.8 | 0.18% | 2017-01-31 | 2026-05-13 |
| CVE-2016-8685 | The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image. | [email protected] | 5.5 | 0.08% | 2017-01-31 | 2026-05-13 |