CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0137 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-0137
14 Nov 2022 — A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. Un desbordamiento del búfer en la función image_set_mask de HTMLDOC anterior a 1.9.15 permite a un atacante escribir fuera de los límites del búfer. It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause ... • https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34035 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-34035
18 Jul 2022 — HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. Se ha detectado que HTMLDoc versiones v1.9.12 y anteriores, contienen un desbordamiento de pila por medio de e_node htmldoc/htmldoc/html.cxx:588 It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execut... • https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28085 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-28085
27 Apr 2022 — A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). Se ha encontrado un fallo en el commit 31f7804 de htmldoc. Un desbordamiento del búfer de la pila en la función pdf_write_names en el archivo ps-pdf.cxx puede conllevar a una ejecución de código arbitrario y una Denegación de Servicio (DoS) It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lz... • https://github.com/michaelrsweet/htmldoc/commit/46c8ec2b9bccb8ccabff52d998c5eee77a228348 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-24191 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-24191
04 Apr 2022 — In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. En HTMLDOC versión 1.9.14, un bucle infinito en la función gif_read_lzw puede conllevar a que un puntero apunte arbitrariamente a la memoria de la pila y resulte en un desbordamiento del búfer An update that fixes 5 vulnerabilities is now available. This update for nodejs12 fixes the following issues. Fixed improper handling of URI Subject Alternative... • https://github.com/michaelrsweet/htmldoc/issues/470 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 2CVE-2021-43579 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-43579
12 Nov 2021 — A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file. Un desbordamiento de búfer en la región stack de la memoria en la función image_load_bmp() en HTMLDOC versiones anteriores a 1.9.13 incluyéndola, resulta en una ejecución de código remota si la víctima convierte un documento HTML que enlaza con un archivo BMP diseñado An update that solves four vulnerabilities and has two fixes is now ... • https://github.com/michaelrsweet/htmldoc/commit/27d08989a5a567155d506ac870ae7d8cc88fa58b • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40985 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-40985
03 Nov 2021 — A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp. Una vulnerabilidad de desbordamiento del búfer under-read en htmldoc versiones anteriores a 1.9.12, permite a atacantes causar una denegación de servicio por medio de una imagen BMP diseñada a la función image_load_bmp. An update that solves four vulnerabilities and has two fixes is now available. Htmldoc was updated to fix issues. Fixed buffer overflow may lead ... • https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 2CVE-2021-23165 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-23165
28 Jun 2021 — A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service. Se ha encontrado un fallo en htmldoc versiones anteriores av1.9.12. Un desbordamiento del búfer de la pila en la función pspdf_prepare_outpages(), en el archivo ps-pdf.cxx puede conllevar a una ejecución de código arbitrario y a una denegación de servicio It was discovered that HTMLDOC did not properly manage memory under certain circumstances.... • https://bugzilla.redhat.com/show_bug.cgi?id=1967014 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23180 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-23180
28 Jun 2021 — A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in file_extension(),in file.c may lead to execute arbitrary code and denial of service. Se ha encontrado un fallo en htmldoc en la versiones 1.9.12 y anteriores. Se presenta una desreferencia de puntero Null en la función file_extension(),en el archivo file.c puede conllevar a una ejecución de código arbitrario y una denegación de servicio A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS,... • https://bugzilla.redhat.com/show_bug.cgi?id=1967041 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23191 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-23191
28 Jun 2021 — A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service. Se encontró un problema de seguridad en htmldoc versiones v1.9.12 y anteriores. Una desreferencia de puntero NULL en la función image_load_jpeg() en el archivo image.cxx puede resultar en una denegación de servicio A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS, and PDF, which could potentially resu... • https://bugzilla.redhat.com/show_bug.cgi?id=1967022 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23206 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-23206
28 Jun 2021 — A flaw was found in htmldoc in v1.9.12 and prior. A stack buffer overflow in parse_table() in ps-pdf.cxx may lead to execute arbitrary code and denial of service. Se ha encontrado un fallo en htmldoc versiones 1.9.12 y anteriores. Un desbordamiento del buffer de pila en la función parse_table() en el archivo ps-pdf.cxx puede conllevar a una ejecución de código arbitrario y una denegación de servicio A buffer overflow was discovered in HTMLDOC, a HTML processor that generates indexed HTML, PS, and PDF, which... • https://bugzilla.redhat.com/show_bug.cgi?id=1967028 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •