3 matches found
CVE-2022-1507
CVE-2022-1507 affects the chafa image-conversion tool. The vulnerability is a NULL pointer dereference in gif_internal_decode_frame (libnsgif.c:599), which can cause a denial of service (crash) when processing a crafted input file. It concerns chafa versions prior to 1.10.2. Public advisories and...
CVE-2022-2061
CVE-2022-2061 affects the chafa image library (hpjansson/chafa) prior to 1.12.0, with a heap-based buffer overflow in the lzw_decode path. Multiple advisories note fixes: openSUSE/SUSE backports patch to chafa-1.12.1-1.1; Debian/Ubuntu OSV entries cite a fix in 1.12.0; other listings reference th...
CVE-2022-2301
CVE-2022-2301 affects the chafa project (hpjansson/chafa) prior to 1.10.3. Root cause: a Buffer Over-read in the library. Impact per sources includes availability disruption. Remediation: upgrade to version 1.10.3 or apply vendor patches (openSUSE/SUSE advisories note the fix). If exploiting deta...