CVE-2021-33798 — NULL Pointer Dereference in Libpano13

CWE-476 — NULL Pointer Dereference3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.0%

top 87.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libpano13 Libpano13 Project Libpano13

Timeline

PublishedJul 7

Description

A null pointer dereference was found in libpano13, version libpano13-2.9.20. The flow allows attackers to cause a denial of service and potential code execute via a crafted file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5libpano13/libpano132.9.20

▶NVDlibpano13_project/libpano132.9.20

Patches

Patch: sourceforge.net ↗Patch: sourceforge.net ↗

🔴Vulnerability Details

GHSA

GHSA-573q-g6cg-g6cq: A null pointer dereference was found in libpano13, version libpano13-2↗2023-07-07

▶

OSV

CVE-2021-33798: A null pointer dereference was found in libpano13, version libpano13-2↗2023-07-07

▶