Vulnerability Details CVE-2021-40648
In man2html 1.6g, a filename can be created to overwrite the previous size parameter of the next chunk and the fd, bk, fd_nextsize, bk_nextsize of the current chunk. The next chunk is then freed later on, causing a freeing of an arbitrary amount of memory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.8%
CVSS Severity
CVSS v3 Score 5.5
References
Products affected by CVE-2021-40648
-
cpe:2.3:a:man2html_project:man2html:1.6g