CVE-2021-30499Improper Restriction of Operations within the Bounds of a Memory Buffer in Libcaca

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-787Out-of-bounds WriteCWE-120Classic Buffer Overflow6 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 82.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Libcaca Project LibcacaDebian LibcacaFedoraproject Fedora
Timeline
PublishedMay 27
Latest updateMay 24

Description

A flaw was found in libcaca. A buffer overflow of export.c in function export_troff might lead to memory corruption and other potential consequences.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

debiandebian/libcaca< libcaca 0.99.beta19-3 (bookworm)
Debianlibcaca_project/libcaca< 0.99.beta19-2.2+deb11u1+3
Ubuntulibcaca_project/libcaca< 0.99.beta19-2ubuntu0.18.04.3+3

Also affects: Fedora 34, 35, 36

🔴Vulnerability Details

3
GHSA
GHSA-23ff-j3f9-vw6f: A flaw was found in libcaca2022-05-24
OSV
libcaca vulnerabilities2021-10-21
OSV
CVE-2021-30499: A flaw was found in libcaca2021-05-27

📋Vendor Advisories

2
Ubuntu
libcaca vulnerabilities2021-10-21
Debian
CVE-2021-30499: libcaca - A flaw was found in libcaca. A buffer overflow of export.c in function export_tr...2021