Vulnerability Details CVE-2021-26826
A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2021-26826
-
cpe:2.3:a:godotengine:godot_engine:1.0
-
cpe:2.3:a:godotengine:godot_engine:1.1
-
cpe:2.3:a:godotengine:godot_engine:2.0
-
cpe:2.3:a:godotengine:godot_engine:2.0.1
-
cpe:2.3:a:godotengine:godot_engine:2.0.2
-
cpe:2.3:a:godotengine:godot_engine:2.0.3
-
cpe:2.3:a:godotengine:godot_engine:2.0.4
-
cpe:2.3:a:godotengine:godot_engine:2.0.4.1
-
cpe:2.3:a:godotengine:godot_engine:2.1
-
cpe:2.3:a:godotengine:godot_engine:2.1.1
-
cpe:2.3:a:godotengine:godot_engine:2.1.2
-
cpe:2.3:a:godotengine:godot_engine:2.1.3
-
cpe:2.3:a:godotengine:godot_engine:2.1.4
-
cpe:2.3:a:godotengine:godot_engine:2.1.5
-
cpe:2.3:a:godotengine:godot_engine:2.1.6
-
cpe:2.3:a:godotengine:godot_engine:3.0
-
cpe:2.3:a:godotengine:godot_engine:3.0.1
-
cpe:2.3:a:godotengine:godot_engine:3.0.2
-
cpe:2.3:a:godotengine:godot_engine:3.0.3
-
cpe:2.3:a:godotengine:godot_engine:3.0.4
-
cpe:2.3:a:godotengine:godot_engine:3.0.5
-
cpe:2.3:a:godotengine:godot_engine:3.0.6
-
cpe:2.3:a:godotengine:godot_engine:3.1
-
cpe:2.3:a:godotengine:godot_engine:3.1.1
-
cpe:2.3:a:godotengine:godot_engine:3.1.2
-
cpe:2.3:a:godotengine:godot_engine:3.2