Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Subscription Management Tool 11 SP3 package htmldoc, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2021-20308 — CVSS 9.8 (critical): Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is…
CVE-2019-19630 — CVSS 7.8 (high): HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in…
CVE-2021-43579 — CVSS 7.8 (high): A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML…
CVE-2021-40985 — CVSS 5.5 (medium): A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to…
CVE-2022-0534 — CVSS 5.5 (medium): A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when…