Lucene search
HistoryNov 14, 2022 - 6:15 p.m.
CVE-2022-0137
cve-2022-0137
htmldoc
heap buffer overflow
security vulnerability
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.4%
A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.
Affected configurations
Node
htmldoc_projecthtmldocRange<1.9.15
| CPE | Name | Operator | Version |
|---|---|---|---|
| htmldoc_project:htmldoc | htmldoc project htmldoc | lt | 1.9.15 |
CNA Affected
[
{
"collectionURL": "https://github.com/michaelrsweet/htmldoc",
"defaultStatus": "unknown",
"product": "htmldoc",
"vendor": "michaelrsweet",
"versions": [
{
"status": "affected",
"version": "1.9.14"
},
{
"status": "unaffected",
"version": "1.9.15"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
CVE-2022-0137
2022-11-14 17:01:45
osv
osv
CVE-2022-0137
2022-11-14 18:15:15
nvd
nvd
CVE-2022-0137
2022-11-14 18:15:15
debiancve
debiancve
CVE-2022-0137
2022-11-14 18:15:15
ubuntucve
ubuntucve
CVE-2022-0137
2022-11-14 00:00:00
veracode
veracode
Heap-based Buffer Overflow
2022-11-23 08:54:01
prion
prion
Heap overflow
2022-11-14 18:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2399
2024-04-17 13:31:16
nessus
nessus
GLSA-202405-07 : HTMLDOC: Multiple Vulnerabilities
2024-05-04 00:00:00
gentoo
gentoo
HTMLDOC: Multiple Vulnerabilities
2024-05-04 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.4%
Related for CVE-2022-0137