HTMLDOC Project HTMLDOC 1.9.13

CPE Details

HTMLDOC Project HTMLDOC 1.9.13
htmldoc_project
htmldoc
1.9.13
2022-01-14
13h36 +00:00
2022-01-20
18h01 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:htmldoc_project:htmldoc:1.9.13:*:*:*:*:*:*:*

Informations

Vendor

htmldoc_project

Product

htmldoc

Version

1.9.13

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-45508 2024-08-31 22h00 +00:00 HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
9.8
Critical
CVE-2022-0137 2022-11-14 17h01 +00:00 A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.
7.5
High
CVE-2022-28085 2022-04-27 00h19 +00:00 A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS).
7.8
High
CVE-2022-24191 2022-04-04 08h33 +00:00 In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.
5.5
Medium
CVE-2021-43579 2021-11-12 16h49 +00:00 A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file.
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.