CVE-2021-40648

Published: 09/09/2022 Updated: 14/09/2022

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

In man2html 1.6g, a filename can be created to overwrite the previous size parameter of the next chunk and the fd, bk, fd_nextsize, bk_nextsize of the current chunk. The next chunk is then freed later on, causing a freeing of an arbitrary amount of memory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
man2html project man2html 1.6g

Debian Bug report logs - #1062069 man2html: CVE-2021-40648 Package: src:man2html; Maintainer for src:man2html is Robert Luberda <robert@debianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Thu, 13 Oct 2022 19:18:02 UTC Severity: important Tags: moreinfo, security, upstream Reply or subscribe to t ...

Debian Bug report logs - #1021738 man2html: CVE-2021-40647 CVE-2021-40648 Package: src:man2html; Maintainer for src:man2html is Robert Luberda <robert@debianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Thu, 13 Oct 2022 19:18:02 UTC Severity: important Tags: security, upstream Reply or subscribe ...

CWE-20 https://gist.github.com/untaman/cb58123fe89fc65e3984165db5d40933 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062069

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-40648

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect