entropymine CVE Vulnerabilities & Metrics

Focus on entropymine vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About entropymine Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with entropymine. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total entropymine CVEs: 26
Earliest CVE date: 06 Apr 2017, 00:59 UTC
Latest CVE date: 19 Dec 2022, 18:15 UTC

Latest CVE reference: CVE-2022-43289

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical entropymine CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 4.47

Max CVSS: 7.1

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	23
7.0-8.9	1
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS entropymine CVEs

These are the five CVEs with the highest CVSS scores for entropymine, sorted by severity first and recency.

CVE-2017-8327 entropymine Published on 29 Apr 2017, 20:59 UTC (CVSS: 7.1)
The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image.
CVE-2018-16782 entropymine Published on 10 Sep 2018, 04:29 UTC (CVSS: 6.8)
libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.
CVE-2017-8326 entropymine Published on 29 Apr 2017, 20:59 UTC (CVSS: 6.8)
libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c.
CVE-2017-8325 entropymine Published on 29 Apr 2017, 20:59 UTC (CVSS: 6.8)
The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image.
CVE-2021-28856 entropymine Published on 14 Apr 2021, 17:15 UTC (CVSS: 4.3)
In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.

All CVEs for entropymine

CVE-2022-43289 entropymine vulnerability CVSS: 0 19 Dec 2022, 18:15 UTC

Deark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c.

CVE-2021-28856 entropymine vulnerability CVSS: 4.3 14 Apr 2021, 17:15 UTC

In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.

CVE-2021-28855 entropymine vulnerability CVSS: 4.3 14 Apr 2021, 17:15 UTC

In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c).

CVE-2017-12804 entropymine vulnerability CVSS: 4.3 09 May 2019, 16:29 UTC

The iwgif_init_screen function in imagew-gif.c:510 in ImageWorsener 1.3.2 allows remote attackers to cause a denial of service (hmemory exhaustion) via a crafted file.

CVE-2018-16782 entropymine vulnerability CVSS: 6.8 10 Sep 2018, 04:29 UTC

libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c.

CVE-2018-5252 entropymine vulnerability CVSS: 2.6 05 Jan 2018, 21:29 UTC

libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the get_raw_sample_int function in imagew-main.c.

CVE-2017-9207 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.

CVE-2017-9206 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image, related to imagew-jpeg.c.

CVE-2017-9205 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

The iw_get_ui16be function in imagew-util.c:422:24 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.

CVE-2017-9204 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c.

CVE-2017-9203 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (buffer underflow) via a crafted image, related to imagew-bmp.c.

CVE-2017-9202 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

imagew-cmd.c:854:45 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.

CVE-2017-9201 entropymine vulnerability CVSS: 4.3 23 May 2017, 04:29 UTC

imagew-cmd.c:850:46 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted image, related to imagew-api.c.

CVE-2017-9094 entropymine vulnerability CVSS: 4.3 19 May 2017, 19:29 UTC

The lzw_add_to_dict function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image.

CVE-2017-9093 entropymine vulnerability CVSS: 4.3 19 May 2017, 19:29 UTC

The my_skip_input_data_fn function in imagew-jpeg.c in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted image.

CVE-2017-8327 entropymine vulnerability CVSS: 7.1 29 Apr 2017, 20:59 UTC

The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image.

CVE-2017-8326 entropymine vulnerability CVSS: 6.8 29 Apr 2017, 20:59 UTC

libimageworsener.a in ImageWorsener before 1.3.1 has "left shift cannot be represented in type int" undefined behavior issues, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image, related to imagew-bmp.c and imagew-util.c.

CVE-2017-8325 entropymine vulnerability CVSS: 6.8 29 Apr 2017, 20:59 UTC

The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image.

CVE-2017-7962 entropymine vulnerability CVSS: 4.3 19 Apr 2017, 15:59 UTC

The iwgif_read_image function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

CVE-2017-7940 entropymine vulnerability CVSS: 4.3 18 Apr 2017, 19:59 UTC

The iw_read_gif_file function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.

CVE-2017-7939 entropymine vulnerability CVSS: 4.3 18 Apr 2017, 19:59 UTC

The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file.

CVE-2017-7624 entropymine vulnerability CVSS: 4.3 10 Apr 2017, 17:59 UTC

The iw_read_bmp_file function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to consume an amount of available memory via a crafted file.

CVE-2017-7623 entropymine vulnerability CVSS: 4.3 10 Apr 2017, 17:59 UTC

The iwmiffr_convert_row32 function in imagew-miff.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2017-7454 entropymine vulnerability CVSS: 4.3 06 Apr 2017, 00:59 UTC

The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2017-7453 entropymine vulnerability CVSS: 4.3 06 Apr 2017, 00:59 UTC

The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

CVE-2017-7452 entropymine vulnerability CVSS: 4.3 06 Apr 2017, 00:59 UTC

The iwbmp_read_info_header function in imagew-bmp.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.