First published: Fri Sep 17 2021(Updated: )
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libsixel Project Libsixel | =1.8.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-21548 is a vulnerability in Libsixel 1.8.3 that allows a heap-based buffer overflow.
CVE-2020-21548 has a severity rating of 8.8 (high).
Libsixel 1.8.3 is affected by CVE-2020-21548.
CVE-2020-21548 belongs to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-787 (Out-of-bounds Write).
Update Libsixel to a version that is not affected by CVE-2020-21548.