6 matches found
CVE-2025-11679
Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2025-11680 Out-of-bounds Write in libwebsockets PNG parsing
Out-of-bounds Write in unfilterscanline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2025-11680
CVE-2025-11680 affects libwebsocketsβ unfilter_scanline in the warmcat library. When compiled with LWS_WITH_UPNG and the HTML display stack is used, a crafted PNG with a large width can trigger an integer overflow that determines the size of a heap allocation, enabling an out-of-bounds write and ...
CVE-2025-11680
Out-of-bounds Write in unfilterscanline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2025-11679 Out-of-bounds Read in libwebsockets PNG parsing
Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2025-11679
CVE-2025-11679 affects warmcat libwebsockets where an out-of-bounds read in lws_upng_emit_next_line can occur if LWS_WITH_UPNG is enabled and the HTML display stack is used, potentially crashing a heap-allocated buffer when a crafted PNG with large height is viewed. Public sources (Fedora, Debian...