CVE-2021-21914

Опубликовано: 14 апр. 2022

Источник: nvd

CVSS3: 9.8

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1362
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1362
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:accusoft:imagegear:19.10:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01182

Низкий

9.8 Critical

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-122

CWE-190

Связанные уязвимости

GHSA-98fc-8mvh-6qgf

CVSS3: 8.8

github

почти 4 года назад

EPSS

Процентиль: 78%

0.01182

Низкий

9.8 Critical

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-122

CWE-190