CVE-2021-30498

Name
CVE-2021-30498
Description
A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://bugzilla.redhat.com/show_bug.cgi?id=1948675
MISC https://github.com/cacalabs/libcaca/issues/53
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PC7EGOEQ5C4OD66ZUJJIIYEXBTZOCMZX/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSBCRN6EGQJUVOSD4OEEQ6XORHEM2CUL/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PC7EGOEQ5C4OD66ZUJJIIYEXBTZOCMZX/
Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSBCRN6EGQJUVOSD4OEEQ6XORHEM2CUL/
secalert@redhat.com https://lists.debian.org/debian-lts-announce/2024/04/msg00004.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:libcaca_project:libcaca:-:*:*:*:*:*:*:* libcaca == None == -
cpe:2.3:a:libcaca_project:libcaca:0.99:beta14:*:*:*:*:*:* libcaca == None == 0.99

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libcaca 3.15-community 0.99_beta20-r0 Francesco Colista <fcolista@alpinelinux.org> fixed
libcaca 3.16-community 0.99_beta20-r0 Francesco Colista <fcolista@alpinelinux.org> fixed
libcaca 3.17-community 0.99_beta20-r0 Francesco Colista <fcolista@alpinelinux.org> fixed
libcaca 3.18-community 0.99_beta20-r0 Francesco Colista <fcolista@alpinelinux.org> fixed