{"id":"CVE-2021-36489","details":"Buffer Overflow vulnerability in Allegro through 5.2.6 allows attackers to cause a denial of service via crafted PCX/TGA/BMP files to allegro_image addon.","modified":"2026-04-12T00:39:56.689972Z","published":"2023-02-03T18:15:10.140Z","references":[{"type":"REPORT","url":"https://github.com/liballeg/allegro5/issues/1251"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/liballeg/allegro5","events":[{"introduced":"0"},{"last_affected":"5e0db6b985eb2714fd276d8808b45f31ea6f52d9"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"5.2.6"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:liballeg:allegro:*:*:*:*:*:*:*:*"}}],"versions":["5.1.10","5.1.11","5.1.3","5.1.4","5.1.5","5.1.6","5.1.7","5.1.8","5.1.9","5.2.6.0","allegro_4_0_branch_point@1892","allegro_5_fork_point@1845","allegro_console_branch_point@3789","new_api_branch_point@4418","v3-9-34@322","v3-9-35@443","v3-9-36@566","v3-9-37@764","v3-9-38@1107","v3-9-39@1366","v3-9-40@1561","v4-0-0@1758","v4-0-1@1892","v4-0-2@1892","v4-0-3@1892","v4-1-0@2243","v4-1-10@3560","v4-1-11@3621","v4-1-12@3911","v4-1-13@4091","v4-1-14@4150","v4-1-15@4357","v4-1-1@2341","v4-1-2@2458","v4-1-3@2511","v4-1-4@2620","v4-1-5@2695","v4-1-6@2723","v4-1-7@2742","v4-1-8@2768","v4-1-9@2943"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36489.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}