Remote Code Execution (RCE)

2021-05-1200:58:20

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.01 Low

EPSS

Percentile

83.6%

JSON

htmldoc is vulnerable to remote code execution. The vulnerability exists due to an integer overflow.

CPENameOperatorVersion
htmldoc:sideq1.9.8-2
htmldoc:bullseyeeq1.9.8-2
htmldoc:stretcheq1.8.27-8+b5
htmldoc:sideq1.9.8-2
htmldoc:bullseyeeq1.9.8-2
htmldoc:stretcheq1.8.27-8+b5

Name	Operator	Version
htmldoc:sid	eq	1.9.8-2
htmldoc:bullseye	eq	1.9.8-2
htmldoc:stretch	eq	1.8.27-8+b5
htmldoc:sid	eq	1.9.8-2
htmldoc:bullseye	eq	1.9.8-2
htmldoc:stretch	eq	1.8.27-8+b5

References

bugzilla.redhat.com/show_bug.cgi?id=1946289

github.com/michaelrsweet/htmldoc/issues/423

lists.debian.org/debian-lts-announce/2021/07/msg00000.html

security-tracker.debian.org/tracker/CVE-2021-20308

0.01 Low

EPSS

Percentile

83.6%

JSON

Related for VERACODE:30420