CVE-2022-34033

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-34033
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-34033.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-34033
Downstream
Published
2022-07-18T21:15:08Z
Modified
2025-09-19T13:58:10.569802Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.

References

Affected packages

Git / github.com/michaelrsweet/htmldoc

Affected ranges

Type
GIT
Repo
https://github.com/michaelrsweet/htmldoc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

v1.*

v1.8.30
v1.9
v1.9.1
v1.9.10
v1.9.11
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
v1.9.7
v1.9.8
v1.9.9

Database specific

{
    "vanir_signatures": [
        {
            "target": {
                "file": "htmldoc/htmlsep.cxx"
            },
            "id": "CVE-2022-34033-0c439e4a",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
            "digest": {
                "line_hashes": [
                    "11010690573073373580475564536898215144",
                    "236316283598532968317843142618347846715",
                    "145973939134357512795454432063857196233",
                    "138927736457626378013633625171807371122"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/htmllib.cxx"
            },
            "id": "CVE-2022-34033-1fbddf92",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
            "digest": {
                "line_hashes": [
                    "234785802684792096917207989401605288278",
                    "107672797784367060433788604832715650575",
                    "126775171584662616747868599505292290663",
                    "141977703225416445065225212901493540205",
                    "138808994154111565723513260536960505260",
                    "158664751007983522563107000516190651111",
                    "245598300303168395589188424596280455781",
                    "114467633332899921658977922439920740892",
                    "64780672789368538494132268719342144961",
                    "202423935383213673756913408541880303964",
                    "160910629128377498137551931738960734278",
                    "113945988469408376540251915538173454550",
                    "127316884730954973287442813256628260259",
                    "121593319098276441906138329850905266813",
                    "277240015104719155192838511861601358151",
                    "84569678992013683809641059764502864028"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/htmllib.cxx"
            },
            "id": "CVE-2022-34033-70f8acc3",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
            "digest": {
                "line_hashes": [
                    "155638652250477494028280661954510983649",
                    "305128306086874322804277267068834369421",
                    "239540685006073603459403639881075305181",
                    "138927736457626378013633625171807371122"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/html.cxx"
            },
            "id": "CVE-2022-34033-77d4de2d",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
            "digest": {
                "line_hashes": [
                    "281283668154379978146099682993417865941",
                    "11010690573073373580475564536898215144",
                    "236316283598532968317843142618347846715",
                    "145973939134357512795454432063857196233",
                    "138927736457626378013633625171807371122"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/htmlsep.cxx",
                "function": "write_node"
            },
            "id": "CVE-2022-34033-7e1e90f6",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
            "digest": {
                "length": 3580.0,
                "function_hash": "175863848132261062858669516373905615154"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/testhtml.cxx"
            },
            "id": "CVE-2022-34033-af65db43",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
            "digest": {
                "line_hashes": [
                    "262806988648920606190884753042407998572",
                    "242810262689368385328692602182116265446",
                    "312538155704082972608823509445976074895",
                    "278788631131752346286035340557475704262",
                    "190177450537050358124259763931810504927",
                    "20478792993146418444206333529513627782",
                    "102043806513715176829813927614663154016",
                    "124765032087851127907750529542039045826",
                    "62241978059388003535691878735061670763",
                    "27784967264506964768214472104567925846"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "signature_type": "Line",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/html.cxx",
                "function": "write_node"
            },
            "id": "CVE-2022-34033-b914cac3",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
            "digest": {
                "length": 3595.0,
                "function_hash": "139865939855947168328976917133857666007"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/testhtml.cxx",
                "function": "show_tree"
            },
            "id": "CVE-2022-34033-ccd1aa28",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
            "digest": {
                "length": 339.0,
                "function_hash": "278557957529530301282223491898702162415"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/htmllib.cxx",
                "function": "write_file"
            },
            "id": "CVE-2022-34033-d8b5c8c6",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3",
            "digest": {
                "length": 3185.0,
                "function_hash": "34742748971672615881901812179954426979"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "deprecated": false
        },
        {
            "target": {
                "file": "htmldoc/htmllib.cxx",
                "function": "htmlGetText"
            },
            "id": "CVE-2022-34033-dba96d92",
            "source": "https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e",
            "digest": {
                "length": 677.0,
                "function_hash": "76173524937074759609021912018594316081"
            },
            "signature_version": "v1",
            "signature_type": "Function",
            "deprecated": false
        }
    ]
}