Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Libextractor Security Vulnerabilities

cve
cve

CVE-2017-15266

In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate.

5.5CVSS

6.1AI Score

0.001EPSS

2017-10-11 05:29 PM
47
cve
cve

CVE-2017-15267

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.

7.5CVSS

7.3AI Score

0.003EPSS

2017-10-11 05:29 PM
41
cve
cve

CVE-2017-15600

In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.

7.5CVSS

7.3AI Score

0.001EPSS

2017-10-18 09:29 PM
45
cve
cve

CVE-2017-15601

In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.

7.5CVSS

7.5AI Score

0.002EPSS

2017-10-18 09:29 PM
43
cve
cve

CVE-2017-15602

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.

7.5CVSS

7.2AI Score

0.002EPSS

2017-10-18 09:29 PM
47
cve
cve

CVE-2017-15922

In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTOR_dvi_extract_method function in plugins/dvi_extractor.c.

5.5CVSS

6.1AI Score

0.001EPSS

2017-10-26 06:29 PM
39
cve
cve

CVE-2017-17440

GNU Libextractor 1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted GIF, IT (Impulse Tracker), NSFE, S3M (Scream Tracker 3), SID, or XM (eXtended Module) file, as demonstrated by the EXTRACTOR_xm_extract_method function in plugins...

6.5CVSS

6.1AI Score

0.005EPSS

2017-12-06 05:29 PM
44
cve
cve

CVE-2018-14346

GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).

8.8CVSS

8.6AI Score

0.004EPSS

2018-07-17 03:29 PM
52
cve
cve

CVE-2018-14347

GNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).

6.5CVSS

7.1AI Score

0.002EPSS

2018-07-17 03:29 PM
48
cve
cve

CVE-2018-16430

GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.

8.8CVSS

8.3AI Score

0.107EPSS

2018-09-04 12:29 AM
58
cve
cve

CVE-2018-20430

GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.

6.5CVSS

6.3AI Score

0.002EPSS

2018-12-24 05:29 AM
42
cve
cve

CVE-2018-20431

GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.

6.5CVSS

6.4AI Score

0.002EPSS

2018-12-24 05:29 AM
48
cve
cve

CVE-2019-15531

GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.

6.5CVSS

6.2AI Score

0.003EPSS

2019-08-23 05:15 PM
98