CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45508 – Ubuntu Security Notice USN-7225-1
https://notcve.org/view.php?id=CVE-2024-45508
01 Sep 2024 — HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. HTMLDOC anterior a 1.9.19 tiene una escritura fuera de los límites en parse_paragraph en ps-pdf.cxx debido a un intento de eliminar los espacios iniciales de un nodo que solo contiene espacios en blanco. It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could l... • https://github.com/michaelrsweet/htmldoc/blob/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2/CHANGES.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34119 – Ubuntu Security Notice USN-7189-1
https://notcve.org/view.php?id=CVE-2021-34119
18 Jul 2023 — A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. It was discovered that HTMLDOC incorrectly handled memory in pspdf_export, which could lead to a double-free. An attacker coul... • https://github.com/michaelrsweet/htmldoc/commit/85fa76d77ed69927d24decf476e69bedc7691f48 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34121 – Ubuntu Security Notice USN-7189-1
https://notcve.org/view.php?id=CVE-2021-34121
18 Jul 2023 — An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. It was discovered that HTMLDOC incorrectly handled memory in... • https://github.com/michaelrsweet/htmldoc/commit/c67bbd8756f015e33e4ba639a40c7f9d8bd9e8ab • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0137 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-0137
14 Nov 2022 — A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. Un desbordamiento del búfer en la función image_set_mask de HTMLDOC anterior a 1.9.15 permite a un atacante escribir fuera de los límites del búfer. It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause ... • https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34035 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-34035
18 Jul 2022 — HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. Se ha detectado que HTMLDoc versiones v1.9.12 y anteriores, contienen un desbordamiento de pila por medio de e_node htmldoc/htmldoc/html.cxx:588 It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execut... • https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34033 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-34033
18 Jul 2022 — HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273. Se ha detectado que HTMLDoc versión v1.9.15, contiene un desbordamiento de pila por medio de (write_header) /htmldoc/htmldoc/html.cxx:273 Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.9.16 are affected. • https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-27114 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-27114
09 May 2022 — There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function. Se presenta una vulnerabilidad en htmldoc versión 1.9.16. En la función image_load_jpeg image.cxx cuando llama a malloc,"img-)width" e "img-)height" son ... • https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28085 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-28085
27 Apr 2022 — A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). Se ha encontrado un fallo en el commit 31f7804 de htmldoc. Un desbordamiento del búfer de la pila en la función pdf_write_names en el archivo ps-pdf.cxx puede conllevar a una ejecución de código arbitrario y una Denegación de Servicio (DoS) It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lz... • https://github.com/michaelrsweet/htmldoc/commit/46c8ec2b9bccb8ccabff52d998c5eee77a228348 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-24191 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-24191
04 Apr 2022 — In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. En HTMLDOC versión 1.9.14, un bucle infinito en la función gif_read_lzw puede conllevar a que un puntero apunte arbitrariamente a la memoria de la pila y resulte en un desbordamiento del búfer Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.9.16 are ... • https://github.com/michaelrsweet/htmldoc/issues/470 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-0534 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-0534
09 Feb 2022 — A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault). Se ha encontrado una vulnerabilidad en htmldoc versión 1.9.15, en la que una lectura fuera de límites de la pila se presenta en la función gif_get_code() y es producido cuando es abierto un archivo GIF malicioso, lo que puede resultar en un bloqueo (fallo de segmentación) It was discovered that HTM... • https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9 • CWE-125: Out-of-bounds Read •