CVE-2022-32323

HIGH

Autotrace - Out-of-Bounds Write

Title source: rule

AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.

Core 3

Core References

Patch, Third Party Advisory x_refsource_misc

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

CVSS v3 7.3

EPSS 0.0008

EPSS Percentile 23.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

CWE

CWE-787

Status published

Products (3)

autotrace_project/autotrace 0.40.0

fedoraproject/fedora 36

fedoraproject/fedora 37

Published Jul 14, 2022

Tracked Since Feb 18, 2026