Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Aug 4, 2024
CVE-2021-40985
CVE-2021-40985
Description
A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.
Affected products
3- htmldoc/htmldocdescription
- osv-coords2 versionspkg:rpm/opensuse/htmldoc&distro=openSUSE%20Tumbleweedpkg:rpm/suse/htmldoc&distro=Subscription%20Management%20Tool%2011%20SP3
< 1.9.12-2.1+ 1 more
- (no CPE)range: < 1.9.12-2.1
- (no CPE)range: < 1.8.27-170.4.3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43mitrex_refsource_MISC
- github.com/michaelrsweet/htmldoc/issues/444mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2022/02/msg00022.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.