Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Out-of-bounds Read in libwebsockets PNG parsing
Vulnerability Description
Out-of-bounds Read in lws_upng_emit_next_line in warmcat libwebsockets allows, when the LWS_WITH_UPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a crafted PNG file with a big height dimension.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
Libwebsockets 缓冲区错误漏洞
Vulnerability Description
Libwebsockets是lws-team开源的一个规范的 libwebsockets 网络库。 Libwebsockets存在缓冲区错误漏洞,该漏洞源于当启用LWS_WITH_UPNG标志并使用HTML显示堆栈时,lws_upng_emit_next_line函数存在越界读取,可能导致读取堆分配缓冲区之外的数据,造成崩溃。
CVSS Information
N/A
Vulnerability Type
N/A