Aggregates CVE and security vulnerability intelligence across all zint-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk memory corruption and vendor risk buffer overflow; exposure may include vendor impact application crash and vendor impact memory corruption in vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-39247 | Zint Barcode Generator before 2.10.0 has a one-byte buffer over-read, related to is_last_single_ascii in code1.c, and rs_encode_uint in reedsol.c. | [email protected] | 6.5 | 0.24% | 2021-08-17 | 2024-11-21 |
| CVE-2021-27799 | ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code. | [email protected] | 7.5 | 1.01% | 2021-02-26 | 2024-11-21 |
| CVE-2020-9385 | A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation. | [email protected] | 7.5 | 0.15% | 2020-02-25 | 2024-11-21 |