Netpbm Project Netpbm vulnerabilities

7 known vulnerabilities affecting netpbm_project/netpbm.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2017-2580HIGHCVSS 7.8v10.61.002018-07-27
CVE-2017-2580 [HIGH] CWE-787 CVE-2017-2580: An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file co An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
nvd
CVE-2017-2581HIGHCVSS 7.8fixed in 10.61.002018-07-27
CVE-2017-2581 [HIGH] CWE-787 CVE-2017-2581: An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file co An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution.
nvd
CVE-2017-2579HIGHCVSS 7.8v10.61.002018-07-27
CVE-2017-2579 [HIGH] CWE-125 CVE-2017-2579: An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() func An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
nvd
CVE-2017-2587MEDIUMCVSS 5.5fixed in 10.61.002018-07-27
CVE-2017-2587 [MEDIUM] CWE-770 CVE-2017-2587: A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file c A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
nvd
CVE-2017-2586MEDIUMCVSS 5.5fixed in 10.61.002018-07-27
CVE-2017-2586 [MEDIUM] CWE-476 CVE-2017-2586: A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash.
nvd
CVE-2018-8975MEDIUMCVSS 5.5≤ 10.81.032018-03-25
CVE-2018-8975 [MEDIUM] CWE-125 CVE-2018-8975: The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attack The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.
nvd
CVE-2017-5849MEDIUMCVSS 5.5v10.47.632017-03-15
CVE-2017-5849 [MEDIUM] CWE-125 CVE-2017-5849: tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which all tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values.
nvd