CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
40.7%
A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences.
Vendor | Product | Version | CPE |
---|---|---|---|
libcaca_project | libcaca | 0.99 | cpe:2.3:a:libcaca_project:libcaca:0.99:beta14:*:*:*:*:*:* |
libcaca_project | libcaca | 0.99 | cpe:2.3:a:libcaca_project:libcaca:0.99:beta15:*:*:*:*:*:* |
libcaca_project | libcaca | 0.99 | cpe:2.3:a:libcaca_project:libcaca:0.99:beta16:*:*:*:*:*:* |
libcaca_project | libcaca | 0.99 | cpe:2.3:a:libcaca_project:libcaca:0.99:beta17:*:*:*:*:*:* |
libcaca_project | libcaca | 0.99 | cpe:2.3:a:libcaca_project:libcaca:0.99:beta18:*:*:*:*:*:* |
libcaca_project | libcaca | 0.99 | cpe:2.3:a:libcaca_project:libcaca:0.99:beta19:*:*:*:*:*:* |
fedoraproject | fedora | 34 | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* |
fedoraproject | fedora | 35 | cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
fedoraproject | fedora | 36 | cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
[
{
"vendor": "n/a",
"product": "libcaca",
"versions": [
{
"version": "master",
"status": "affected"
}
]
}
]
bugzilla.redhat.com/show_bug.cgi?id=1948675
github.com/cacalabs/libcaca/issues/53
lists.debian.org/debian-lts-announce/2024/04/msg00004.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PC7EGOEQ5C4OD66ZUJJIIYEXBTZOCMZX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSBCRN6EGQJUVOSD4OEEQ6XORHEM2CUL/
More
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
40.7%