彙總 mgetty_project 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
已披露問題常與 緩衝區溢位、記憶體損壞與路徑處理缺陷 相關,可能在 生產負載與軟體部署 場景中帶來 應用程式崩潰與檔案覆寫 等暴露風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2019-1010189 | mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1. | [email protected] | 5.5 | 0.83% | 2019-07-24 | 2026-06-16 |
| CVE-2019-1010190 | mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact is: DoS, the program may crash if the memory is not mapped. The component is: putwhitespan() in g3/pbm2g3.c. The attack vector is: Local, the victim must open a specially crafted file. The fixed version is: 1.2.1. | [email protected] | 5.5 | 0.84% | 2019-07-24 | 2026-06-16 |
| CVE-2018-16745 | An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow a buffer overflow if long untrusted input can reach it. | [email protected] | 7.8 | 0.45% | 2018-09-13 | 2026-06-16 |
| CVE-2018-16744 | An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to parameter is not sanitized. It could allow for command injection if untrusted input can reach it, because popen is used. | [email protected] | 7.8 | 1.03% | 2018-09-13 | 2026-06-16 |
| CVE-2018-16743 | An issue was discovered in mgetty before 1.2.1. In contrib/next-login/login.c, the command-line parameter username is passed unsanitized to strcpy(), which can cause a stack-based buffer overflow. | [email protected] | 7.8 | 0.45% | 2018-09-13 | 2026-06-16 |
| CVE-2018-16742 | An issue was discovered in mgetty before 1.2.1. In contrib/scrts.c, a stack-based buffer overflow can be triggered via a command-line parameter. | [email protected] | 7.8 | 0.45% | 2018-09-13 | 2026-06-16 |
| CVE-2018-16741 | An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command. | [email protected] | 7.8 | 1.32% | 2018-09-13 | 2026-06-16 |
| CVE-2003-0517 | faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files. | [email protected] | 5.5 | 0.32% | 2003-08-18 | 2026-06-16 |