Lucene search
K

6 matches found

CVE
CVE
added 2022/03/16 2:12 p.m.97 views

CVE-2021-23165

CVE-2021-23165 affects HTMLDOC prior to v1.9.12. The issue is a heap buffer overflow in pspdf_prepare_outpages() within ps-pdf.cxx, which may allow arbitrary code execution and denial of service. Publicly cited analyses come from multiple sources (NVD entry for CVE-2021-23165 and Gentoo GLSA 2024...

10CVSS9.7AI score0.03291EPSS
CVE
CVE
added 2024/09/01 12:0 a.m.94 views

CVE-2024-45508

CVE-2024-45508 affects HTMLDOC prior to 1.9.19. The issue is an out-of-bounds write in parse_paragraph (ps-pdf.cxx) caused by attempting to strip leading whitespace from a whitespace-only node. Connected advisories (Mageia, openSUSE, Ubuntu USN, OSV) confirm the same root cause and indicate a pat...

9.8CVSS7AI score0.00706EPSS
CVE
CVE
added 2022/04/04 10:33 a.m.88 views

CVE-2022-24191

CVE-2022-24191 concerns HTMLDOC 1.9.14 where an infinite loop in the gif_read_lzw function can cause a pointer to an area of heap memory, resulting in a heap-based buffer overflow. Connected sources (Astra Linux bulletin) reiterate the same description without adding explicit patch details. No ex...

5.5CVSS5.7AI score0.00727EPSS
CVE
CVE
added 2022/11/14 5:1 p.m.79 views

CVE-2022-0137

HTMLDOC contains a heap buffer overflow in the image_set_mask function, exploitable on versions before 1.9.15. The vulnerability can cause out-of-bounds writes with potential denial of service and, in some advisories, arbitrary code execution. CVE-2022-0137 is the primary entry, with related advi...

7.5CVSS5.9AI score0.00555EPSS
CVE
CVE
added 2021/11/03 4:8 p.m.75 views

CVE-2021-40985

CVE-2021-40985 affects htmldoc prior to 1.9.12, with a stack-based buffer under-read in image_load_bmp when processing BMP images, leading to denial of service. Several advisories confirm the issue and recommend upgrading to newer HTMLDOC versions (e.g., GNU/Linux distributions advise upgrading b...

5.5CVSS5.6AI score0.00871EPSS
CVE
CVE
added 2022/04/27 2:19 a.m.67 views

CVE-2022-28085

The CVE-2022-28085 issue affects the HTMLDOC project. A heap buffer overflow in pdf_write_names (ps-pdf.cxx) after commit 31f7804 may allow arbitrary code execution and denial of service. Affected component: htmldoc; root cause: insufficient bounds handling in ps-pdf.cxx. Impact: potential remote...

7.8CVSS8.1AI score0.01075EPSS