Astra Linux – Vulnerability in htmldoc

There is a vulnerability in htmldoc 1.9.16. In the imageloadjpeg function, when image.cxx calls malloc, ‘img-width’ and ‘img-height’ are too large to prevent an integer overflow. As a result, the malloc function may return a heap block smaller than expected, causing a buffer overflow/Address...

SUSE CVE-2022-27114

There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img-width' and 'img-height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer...

OSV-2022-715 Segv on unknown address in jpeg_read_scanlines

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50217 https://pillow.readthedocs.io/en/stable/releasenotes/9.3.0.htmldecode-jpeg-compressed-blp1-data-in-original-mode Crash type: Segv on unknown address Crash state: jpegreadscanlines ImagingJpegDecode decode...

DEBIAN-CVE-2022-27114

There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img-width' and 'img-height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer...

HTMLDOC 输入验证错误漏洞

HTMLDOC is an open source program that converts HTML and Markdown files to EPUB, Indexed HTML, PostScript and PDF formats. A security vulnerability exists in HTMLDOC version 1.9.16, which stems from the fact that when the imageloadjpeg method calls malloc, img-width and img-height they are large...