sane-project/backends
Project Type
GitLab
Releases58
Frequency5 months 6 days
Last Release
Stars76
Scanner Access Now Easy ― Backends
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2023-46052 | N/A | N/A | |
Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c via a long init_mode string in a configuration file. NOTE: this is disputed because there is no expectation that test.c code should be executed with an attacker-controlled configuration file. | |||
CVE-2023-46047 | N/A | N/A | |
An issue in Sane 1.2.1 allows a local attacker to execute arbitrary code via a crafted file to the sanei_configure_attach() function. NOTE: this is disputed because there is no expectation that the product should be starting with an attacker-controlled configuration file. | |||
CVE-2020-12867 | 5.5 MEDIUM | 2.1 LOW | |
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075. |