zint

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Barcode encoding library supporting over 50 symbologies
Version	2.15.0-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2305	2.9.1-2	2.10.0-1	Low	Fixed
AVG-1625	2.9.1-1	2.9.1-2	Medium	Fixed	FS#70051

Issue	Group	Severity	Remote	Type	Description
CVE-2021-39247	AVG-2305	Low	No	Information disclosure	Zint Barcode Generator before 2.10.0 has a one-byte buffer over-read, related to is_last_single_ascii in code1.c, and rs_encode_uint in reedsol.c.
CVE-2021-27799	AVG-1625	Medium	No	Arbitrary code execution	ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an...

Issue

Group

Severity

Remote

Type

Description

CVE-2021-39247

AVG-2305

Low

Information disclosure

Zint Barcode Generator before 2.10.0 has a one-byte buffer over-read, related to is_last_single_ascii in code1.c, and rs_encode_uint in reedsol.c.

CVE-2021-27799

AVG-1625

Medium

Arbitrary code execution

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an...

Advisories

Date	Advisory	Group	Severity	Type
01 Jun 2021	ASA-202106-13	AVG-1625	Medium	arbitrary code execution