Medium severity · OSV Advisory · Published Jan 27, 2026 · Updated May 6, 2026
CVE-2026-24806
Description
Improper Control of Generation of Code ('Code Injection') vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules). This vulnerability is associated with the program file PNGImageEncoder.java.
This issue affects quick-media: before v1.0.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| com.github.liuyueyi.media:batik-codec-fix (Maven) | <= 3.0.0 | — |
Affected products
- Range: v0.001, v0.002, v0.003, …
Patches
29c078450ad2 Merge pull request #122 from simei2k/patch-1
1 file changed · +22 −2
plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png/PNGImageEncoder.java+22 −2 modified@@ -89,8 +89,28 @@ public void write(byte[] b) throws IOException { } public void write(byte[] b, int off, int len) throws IOException { - dos.write(b, off, len); - } + // Input validation + if (b == null) { + throw new NullPointerException(); + } + + if (off < 0 || len < 0 || off + len > b.length) { + throw new ArrayIndexOutOfBoundsException(); + } + + // Original buffering logic + while (len > 0) { + int bytes = Math.min(segmentLength - bytesWritten, len); + System.arraycopy(b, off, buffer, bytesWritten, bytes); + off += bytes; + len -= bytes; + bytesWritten += bytes; + + if (bytesWritten == segmentLength) { + flush(); + } + } + } public void write(int b) throws IOException { dos.write(b);
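Review bot: the bounds check `off + len > b.length` in the new validation block can overflow for large non-negative `off` and `len` (the int sum wraps negative, so the comparison is false and the guard is bypassed); once `off < 0` and `len < 0` have been rejected, write it as `len > b.length - off`, which cannot overflow. Two smaller points in the same hunk: the unchanged `write(int b)` context below still calls `dos.write(b)` directly instead of going through `buffer`/`bytesWritten`, so a single-byte write interleaved with array writes is emitted ahead of whatever is still buffered, and it should be routed through the same segment buffer; and the comment `// Original buffering logic` is misleading, since the removed line wrote straight to `dos` with no buffering, so it should describe the segment buffering this change introduces.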
References
- github.com/advisories/GHSA-8623-9fwr-4cxv (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2026-24806 (ghsa, ADVISORY)
- github.com/liuyueyi/quick-media/commit/29c078450ad2865c7ad196c658cacfab55b207ee (ghsa, WEB)
- github.com/liuyueyi/quick-media/pull/122 (nvd, WEB)
- github.com/github/advisory-database/pull/7437 (nvd)