CVE-2021-23191

EUVD-2021-10298
A security issue was found in htmldoc v1.9.12 and before. A NULL pointer dereference in the function image_load_jpeg() in image.cxx may result in denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
htmldoc_projecthtmldoc
𝑥
≤ 1.9.12
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
htmldoc
bookworm
1.9.16-1
fixed
bullseye
1.9.11-4+deb11u3
fixed
sid
1.9.18-3
fixed
trixie
1.9.18-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
htmldoc
bionic
needed
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
needs-triage
xenial
needs-triage
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=1967022
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
https://github.com/michaelrsweet/htmldoc/issues/415
https://ubuntu.com/security/CVE-2021-23191
https://bugzilla.redhat.com/show_bug.cgi?id=1967022
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
https://github.com/michaelrsweet/htmldoc/issues/415
https://ubuntu.com/security/CVE-2021-23191