CVE-2022-24191

CVE-2022-24191

EPSS 0.7%

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/michaelrsweet/htmldoc/issues/470 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RPDZLHOMPSA2LBXXFTZ5UADZWGYYWH7/