CVE-2022-0534

Опубликовано: 09 фев. 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault).

Ссылки

https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9
Patch
Third Party Advisory
https://github.com/michaelrsweet/htmldoc/issues/463
Exploit
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/02/msg00022.html
Mailing List
Third Party Advisory
https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9
Patch
Third Party Advisory
https://github.com/michaelrsweet/htmldoc/issues/463
Exploit
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/02/msg00022.html
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:htmldoc_project:htmldoc:1.9.15:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.0014

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2022-0534

CVSS3: 5.5

ubuntu

почти 4 года назад

CVE-2022-0534

CVSS3: 5.5

debian

почти 4 года назад

A vulnerability was found in htmldoc version 1.9.15 where the stack ou ...

GHSA-f9qm-5g8q-g45w

CVSS3: 5.5

github

почти 4 года назад

EPSS

Процентиль: 35%

0.0014

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125