Netpbm Project Security Vulnerabilities
The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by...
5.5CVSS
5.3AI Score
0.006EPSS
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height...
5.5CVSS
5.1AI Score
0.002EPSS
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code...
7.8CVSS
7.6AI Score
0.001EPSS
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code...
7.8CVSS
7.8AI Score
0.001EPSS
A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to...
5.5CVSS
5.3AI Score
0.001EPSS
A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to...
5.5CVSS
5.3AI Score
0.001EPSS
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code...
7.8CVSS
7.8AI Score
0.001EPSS
Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one...
7.9AI Score
0.106EPSS