Htmldoc Project: >> Htmldoc >> 1.9.16 Security Vulnerabilities
HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-09-01
There is a vulnerability in htmldoc 1.9.16. In image_load_jpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpeg_read_scanlines function.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-09