CVE-2022-27114

Source
https://cve.org/CVERecord?id=CVE-2022-27114
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-27114.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-27114
Downstream
Related
Published
2022-05-09T16:52:39Z
Modified
2026-07-15T01:35:05.181234Z
Summary
[none]
Details

There is a vulnerability in htmldoc 1.9.16. In imageloadjpeg function image.cxx when it calls malloc,'img->width' and 'img->height' they are large enough to cause an integer overflow. So, the malloc function may return a heap blosmaller than the expected size, and it will cause a buffer overflow/Address boundary error in the jpegreadscanlines function.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/27xxx/CVE-2022-27114.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/michaelrsweet/htmldoc

Affected ranges

Type
GIT
Repo
https://github.com/michaelrsweet/htmldoc
Events
Database specific
{
    "cpe": "cpe:2.3:a:htmldoc_project:htmldoc:1.9.16:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.9.16"
        },
        {
            "last_affected": "1.9.16"
        }
    ],
    "source": [
        "CPE_STRING",
        "REFERENCES"
    ]
}

Affected versions

1.*
1.9.16

Database specific

vanir_signatures_modified
"2026-07-15T01:35:05Z"
vanir_signatures
[
    {
        "source": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275",
        "id": "CVE-2022-27114-973186cc",
        "signature_version": "v1",
        "signature_type": "Line",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "22248037274654815650576322048949287649",
                "296267264495823945779616527713243343029",
                "54805180142347034579293677483579791376",
                "20168580982717471945539945481714769220",
                "161029606450311038018640252069572140345",
                "44015766389042975539425594357402522582",
                "199150106324938499033452393139848187681",
                "319593469495359680306054830735473771766",
                "199852375355020133944898896514129910403",
                "216794987705941529715646134661982004094",
                "297929791160051720547755394787491271325",
                "7171333243352453904152759386472981638",
                "51235282975610117606622240123798757686",
                "139219188293486094321898282517797944219",
                "95795465467944516194981923126261552544",
                "187404233367137448172080560522809448340",
                "260172315706847100484704933799299393600",
                "74720969679059144997190065584026944843",
                "268732769885590353792037465098898972395",
                "281414488574503611417848351362295128022",
                "138700746721977183646352493457492251959"
            ]
        },
        "target": {
            "file": "htmldoc/image.cxx"
        }
    },
    {
        "source": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275",
        "id": "CVE-2022-27114-9bd92723",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "241568264683061213505846123332327175641",
            "length": 1959.0
        },
        "target": {
            "file": "htmldoc/image.cxx",
            "function": "image_load_gif"
        }
    },
    {
        "source": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275",
        "id": "CVE-2022-27114-dd877a75",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "73575095114162104851611625724241060175",
            "length": 1690.0
        },
        "target": {
            "file": "htmldoc/image.cxx",
            "function": "image_load_jpeg"
        }
    },
    {
        "source": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275",
        "id": "CVE-2022-27114-ef3bc290",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "92107085259171046339019667125662630305",
            "length": 4174.0
        },
        "target": {
            "file": "htmldoc/image.cxx",
            "function": "image_load_png"
        }
    },
    {
        "source": "https://github.com/michaelrsweet/htmldoc/commit/31f780487e5ddc426888638786cdc47631687275",
        "id": "CVE-2022-27114-f8105265",
        "signature_version": "v1",
        "signature_type": "Function",
        "deprecated": false,
        "digest": {
            "function_hash": "206302635082091458458529011910038932243",
            "length": 4392.0
        },
        "target": {
            "file": "htmldoc/image.cxx",
            "function": "image_load_bmp"
        }
    }
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-27114.json"