potrace_project CVE Vulnerabilities & Metrics

Focus on potrace_project vulnerabilities and metrics.

Last updated: 08 May 2025, 22:25 UTC

About potrace_project Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with potrace_project. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

Global CVE Overview

Total potrace_project CVEs: 14
Earliest CVE date: 31 Jan 2017, 22:59 UTC
Latest CVE date: 01 Aug 2017, 05:29 UTC

Latest CVE reference: CVE-2017-12067

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

CVSS Stats

Average CVSS: 5.78

Max CVSS: 6.8

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range Count
0.0-3.9 0
4.0-6.9 14
7.0-8.9 0
9.0-10.0 0

Top 5 Highest CVSS potrace_project CVEs

These are the five CVEs with the highest CVSS scores for potrace_project, sorted by severity first, then by recency.

All CVEs for potrace_project

CVE-2017-12067 potrace_project vulnerability CVSS: 5.0 01 Aug 2017, 05:29 UTC

Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c.

CVE-2017-7263 potrace_project vulnerability CVSS: 6.8 26 Mar 2017, 05:59 UTC

The bm_readbody_bmp function in bitmap_io.c in Potrace 1.14 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8698.

CVE-2016-8703 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8702.

CVE-2016-8702 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, and CVE-2016-8703.

CVE-2016-8701 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8700, CVE-2016-8702, and CVE-2016-8703.

CVE-2016-8700 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8699, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703.

CVE-2016-8699 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8698, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703.

CVE-2016-8698 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have unspecified impact via a crafted BMP image, a different vulnerability than CVE-2016-8699, CVE-2016-8700, CVE-2016-8701, CVE-2016-8702, and CVE-2016-8703.

CVE-2016-8697 potrace_project vulnerability CVSS: 4.3 31 Jan 2017, 22:59 UTC

The bm_new function in bitmap.h in potrace before 1.13 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted BMP image.

CVE-2016-8696 potrace_project vulnerability CVSS: 4.3 31 Jan 2017, 22:59 UTC

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8695.

CVE-2016-8695 potrace_project vulnerability CVSS: 4.3 31 Jan 2017, 22:59 UTC

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8694 and CVE-2016-8696.

CVE-2016-8694 potrace_project vulnerability CVSS: 4.3 31 Jan 2017, 22:59 UTC

The bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted BMP image, a different vulnerability than CVE-2016-8695 and CVE-2016-8696.

CVE-2016-8686 potrace_project vulnerability CVSS: 6.8 31 Jan 2017, 22:59 UTC

The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

CVE-2016-8685 potrace_project vulnerability CVSS: 4.3 31 Jan 2017, 22:59 UTC

The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image.