{"id":"CVE-2022-0137","details":"A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.","modified":"2026-03-20T11:45:29.904267Z","published":"2022-11-14T18:15:15.903Z","references":[{"type":"FIX","url":"https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b"},{"type":"FIX","url":"https://github.com/michaelrsweet/htmldoc/issues/461"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/michaelrsweet/htmldoc","events":[{"introduced":"0"},{"fixed":"b66755a38ac6b05275f4bb20ff2e854ef515dba9"},{"fixed":"71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.9.15"}]}}],"versions":["v1.8.30","v1.9","v1.9.1","v1.9.10","v1.9.11","v1.9.12","v1.9.13","v1.9.14","v1.9.2","v1.9.3","v1.9.4","v1.9.5","v1.9.6","v1.9.7","v1.9.8","v1.9.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0137.json","vanir_signatures":[{"signature_version":"v1","signature_type":"Line","id":"CVE-2022-0137-8d187efe","source":"https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b","target":{"file":"htmldoc/image.cxx"},"deprecated":false,"digest":{"line_hashes":["297472981316507945839698675243757011004","295268479066187838981750786933877699106","180283088309811897946039373889332944095","49970225574026909264440847956427795","162774849934666592158944790360900615107","88962972294982122508466774206613362823","7171333243352453904152759386472981638","51235282975610117606622240123798757686","128143176622412102198312061576007995858","234151772096908441394105233358954655232","322032723577332973482566653982131773070","338988096033338076431520303229355448142","327754122936077237617782704663087344531","22440375215000570540409524770429470750","249671219425354352373369169634643158321"],"threshold":0.9}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2022-0137-9d651ef5","source":"https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b","target":{"function":"image_load_gif","file":"htmldoc/image.cxx"},"deprecated":false,"digest":{"length":1959,"function_hash":"338219982382261317122099606761924980092"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2022-0137-caf470eb","source":"https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b","target":{"function":"image_set_mask","file":"htmldoc/image.cxx"},"deprecated":false,"digest":{"length":1034,"function_hash":"105585053437073363818563317706400233635"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}