Unknown · Godot Engine · CVE-2021-26825
Name of the Vulnerable Software and Affected Versions:
Godot Engine versions up to v3.2
Description:
An integer overflow issue exists in the Godot Engine that can be triggered when loading specially crafted .TGA image files. The issue is located in the `ImageLoaderTGA::load_image()` function and leads to a dynamic stack buffer overflow. Depending on the application context, the attack vector can be local or remote, potentially resulting in code execution and/or system crash.
Recommendations:
For Godot Engine versions up to v3.2, consider disabling the `ImageLoaderTGA::load_image()` function when loading .TGA image files to minimize the risk of exploitation until a patch is available. Restrict the loading of .TGA files from untrusted sources to reduce the risk of remote attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
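One way to restrict untrusted .TGA input is to inspect the file header before it reaches the engine's loader. The following is an added example, not Godot's code. It assumes the overflowing value is the pixel-buffer size derived from the header's width, height and pixel depth (the advisory does not name the computation); `tga_preflight`, `tga_check_dims` and the 64 MiB cap are hypothetical names and values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy cap on decoded pixel data (64 MiB); tune per application. */
#define TGA_MAX_DECODED_BYTES ((uint64_t)64 * 1024 * 1024)

enum tga_verdict { TGA_OK, TGA_TRUNCATED, TGA_BAD_DEPTH, TGA_EMPTY,
                   TGA_EXCEEDS_INT32, TGA_TOO_LARGE };

/* Read a little-endian 16-bit header field. */
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Inspect only the fixed 18-byte TGA header; no pixel data is decoded.
 * Width is at offset 12, height at 14, bits per pixel at 16. */
enum tga_verdict tga_preflight(const uint8_t *buf, size_t len, uint64_t *need)
{
    if (buf == NULL || len < 18) return TGA_TRUNCATED;
    uint64_t width = le16(buf + 12), height = le16(buf + 14);
    uint8_t depth = buf[16];
    if (depth != 8 && depth != 15 && depth != 16 && depth != 24 && depth != 32)
        return TGA_BAD_DEPTH;
    if (width == 0 || height == 0) return TGA_EMPTY;
    /* At most 65535 * 65535 * 4 < 2^34, so the 64-bit product cannot wrap. */
    uint64_t total = width * height * ((depth + 7u) / 8u);
    if (need) *need = total;
    if (total > INT32_MAX) return TGA_EXCEEDS_INT32; /* would overflow int math */
    if (total > TGA_MAX_DECODED_BYTES) return TGA_TOO_LARGE;
    return TGA_OK;
}

/* Build a constructed header (not taken from a real file) and check it. */
enum tga_verdict tga_check_dims(uint16_t w, uint16_t h, uint8_t depth)
{
    uint8_t hdr[18] = {0};
    hdr[2] = 2;                       /* image type 2: uncompressed true-colour */
    hdr[12] = (uint8_t)(w & 0xff); hdr[13] = (uint8_t)(w >> 8);
    hdr[14] = (uint8_t)(h & 0xff); hdr[15] = (uint8_t)(h >> 8);
    hdr[16] = depth;
    return tga_preflight(hdr, sizeof hdr, NULL);
}

int main(void)
{
    printf("64x64x32       -> %d\n", tga_check_dims(64, 64, 32));
    printf("65535x65535x32 -> %d\n", tga_check_dims(65535, 65535, 32));
    printf("8192x8192x32   -> %d\n", tga_check_dims(8192, 8192, 32));
    return 0;
}
```

Files that return anything other than `TGA_OK` should be rejected before they are passed to the image loader.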