CVE-2022-34033
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-34033
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34033.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-34033
- Downstream
- Published
- 2022-07-18T21:15:08Z
- Modified
- 2025-09-19T13:58:10.569802Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.
- References
Affected packages
Git / github.com/michaelrsweet/htmldoc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/michaelrsweet/htmldoc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
v1.*
v1.8.30
v1.9
v1.9.1
v1.9.10
v1.9.11
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
v1.9.7
v1.9.8
v1.9.9
Database specific
{
"vanir_signatures": [
{
"target": {
"file": "htmldoc/htmlsep.cxx"
},
"id": "CVE-2022-34033-0c439e4a",
"source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
"digest": {
"line_hashes": [
"11010690573073373580475564536898215144",
"236316283598532968317843142618347846715",
"145973939134357512795454432063857196233",
"138927736457626378013633625171807371122"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "htmldoc/htmllib.cxx"
},
"id": "CVE-2022-34033-1fbddf92",
"source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
"digest": {
"line_hashes": [
"234785802684792096917207989401605288278",
"107672797784367060433788604832715650575",
"126775171584662616747868599505292290663",
"141977703225416445065225212901493540205",
"138808994154111565723513260536960505260",
"158664751007983522563107000516190651111",
"245598300303168395589188424596280455781",
"114467633332899921658977922439920740892",
"64780672789368538494132268719342144961",
"202423935383213673756913408541880303964",
"160910629128377498137551931738960734278",
"113945988469408376540251915538173454550",
"127316884730954973287442813256628260259",
"121593319098276441906138329850905266813",
"277240015104719155192838511861601358151",
"84569678992013683809641059764502864028"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "htmldoc/htmllib.cxx"
},
"id": "CVE-2022-34033-70f8acc3",
"source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
"digest": {
"line_hashes": [
"155638652250477494028280661954510983649",
"305128306086874322804277267068834369421",
"239540685006073603459403639881075305181",
"138927736457626378013633625171807371122"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "htmldoc/html.cxx"
},
"id": "CVE-2022-34033-77d4de2d",
"source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
"digest": {
"line_hashes": [
"281283668154379978146099682993417865941",
"11010690573073373580475564536898215144",
"236316283598532968317843142618347846715",
"145973939134357512795454432063857196233",
"138927736457626378013633625171807371122"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "htmldoc/htmlsep.cxx",
"function": "write_node"
},
"id": "CVE-2022-34033-7e1e90f6",
"source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
"digest": {
"length": 3580.0,
"function_hash": "175863848132261062858669516373905615154"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"target": {
"file": "htmldoc/testhtml.cxx"
},
"id": "CVE-2022-34033-af65db43",
"source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
"digest": {
"line_hashes": [
"262806988648920606190884753042407998572",
"242810262689368385328692602182116265446",
"312538155704082972608823509445976074895",
"278788631131752346286035340557475704262",
"190177450537050358124259763931810504927",
"20478792993146418444206333529513627782",
"102043806513715176829813927614663154016",
"124765032087851127907750529542039045826",
"62241978059388003535691878735061670763",
"27784967264506964768214472104567925846"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"target": {
"file": "htmldoc/html.cxx",
"function": "write_node"
},
"id": "CVE-2022-34033-b914cac3",
"source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
"digest": {
"length": 3595.0,
"function_hash": "139865939855947168328976917133857666007"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"target": {
"file": "htmldoc/testhtml.cxx",
"function": "show_tree"
},
"id": "CVE-2022-34033-ccd1aa28",
"source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
"digest": {
"length": 339.0,
"function_hash": "278557957529530301282223491898702162415"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"target": {
"file": "htmldoc/htmllib.cxx",
"function": "write_file"
},
"id": "CVE-2022-34033-d8b5c8c6",
"source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
"digest": {
"length": 3185.0,
"function_hash": "34742748971672615881901812179954426979"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"target": {
"file": "htmldoc/htmllib.cxx",
"function": "htmlGetText"
},
"id": "CVE-2022-34033-dba96d92",
"source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
"digest": {
"length": 677.0,
"function_hash": "76173524937074759609021912018594316081"
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
}
]
}