CVE-2021-40985

Опубликовано: 03 нояб. 2021

Источник: debian

EPSS Низкий

Описание

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.

Пакет	Статус	Версия исправления	Релиз	Тип
htmldoc	fixed	1.9.13-1		package
htmldoc	fixed	1.9.11-4+deb11u1	bullseye	package
htmldoc	fixed	1.9.3-1+deb10u3	buster	package

https://github.com/michaelrsweet/htmldoc/issues/444
https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43 (v1.9.13)
Crash in CLI tool, no security impact

EPSS

Процентиль: 28%

0.00099

Низкий

CVE-2021-40985

CVSS3: 5.5

ubuntu

больше 4 лет назад

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.

CVE-2021-40985

CVSS3: 5.5

nvd

больше 4 лет назад

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.

GHSA-vfx2-gpvv-rwcm

CVSS3: 5.5

github

больше 3 лет назад

Buffer overflow vulnerability in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.

EPSS

Процентиль: 28%

0.00099

Низкий