A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
{
"unresolved_ranges": [
{
"source": "CPE_FIELD",
"extracted_events": [
{
"last_affected": "34"
}
],
"cpe": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"
}
]
}{
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "0.31.1"
}
],
"cpe": "cpe:2.3:a:autotrace_project:autotrace:0.31.1:*:*:*:*:*:*:*"
}