Your submission was sent successfully! Close

CVE-2022-27114

Published: 9 May 2022

There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
htmldoc
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

impish Ignored
(reached end-of-life)
jammy Needs triage

trusty Needs triage

upstream Needs triage