cvedb.io
CVE-2021-40648
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2022-09-09T18:15:09.247 · Last modified 2026-06-17T04:07:12.957

Summary

In man2html 1.6g, a filename can be created to overwrite the previous size parameter of the next chunk and the fd, bk, fd_nextsize, bk_nextsize of the current chunk. The next chunk is then freed later on, causing a freeing of an arbitrary amount of memory.

Affected products

man2html_project — man2html

Does this affect you?

Add your gear to cvedb and we'll alert you only when man2html_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.