Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Out-of-bounds Write in libwebsockets PNG parsing
Vulnerability Description
Out-of-bounds Write in unfilter_scanline in warmcat libwebsockets allows, when the LWS_WITH_UPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a crafted PNG file with a big width value that causes an integer overflow which value is used for determining the size of a heap allocation.
CVSS Information
N/A
Vulnerability Type
跨界内存写
Vulnerability Title
Libwebsockets 缓冲区错误漏洞
Vulnerability Description
Libwebsockets是lws-team开源的一个规范的 libwebsockets 网络库。 Libwebsockets存在缓冲区错误漏洞,该漏洞源于LWS_WITH_UPNG编译标志启用时,unfilter_scanline函数存在越界写入,可能导致堆缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A