CVE-2022-0137

Summary

A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.

Affected Software

VendorProductVersion RangeStatus
michaelrsweethtmldoc1.9.14affected
michaelrsweethtmldoc1.9.15unaffected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References