PT-2025-42763 · Unknown+1 · Libwebsockets+1
Published
2025-10-20
·
Updated
2025-10-20
·
CVE-2025-11680
CVSS v4.0
5.9
Medium
| Vector | AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
libwebsockets (affected versions not specified)
Description
An out-of-bounds write issue exists in the
unfilter scanline function of libwebsockets. This occurs when the LWS WITH UPNG flag is enabled during compilation and the HTML display stack is used. The issue is triggered by visiting a website containing a crafted PNG file with a large width value, leading to an integer overflow. This overflow affects the size calculation for a heap allocation, potentially causing a crash due to writing past a heap-allocated buffer.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Libwebsockets