CVE-2021-28856

Source
https://cve.org/CVERecord?id=CVE-2021-28856
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28856.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-28856
Published
2021-04-14T17:15:14.427Z
Modified
2026-04-11T17:12:17.178385Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.

References

Affected packages

Git / github.com/jsummers/deark

Affected ranges

Type
GIT
Repo
https://github.com/jsummers/deark
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.5.8"
        }
    ]
}

Affected versions

v1.*
v1.5.5
v1.5.6
v1.5.7

Database specific

vanir_signatures_modified
"2026-04-11T17:12:17Z"
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28856.json"
vanir_signatures
[
    {
        "signature_version": "v1",
        "digest": {
            "length": 1711.0,
            "function_hash": "248262192169236894308598232324636050185"
        },
        "target": {
            "function": "fmtutil_macbitmap_read_pixmap_only_fields",
            "file": "src/fmtutil.c"
        },
        "source": "https://github.com/jsummers/deark/commit/62acb7753b0e3c0d3ab3c15057b0a65222313334",
        "signature_type": "Function",
        "id": "CVE-2021-28856-20c93b3c",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "244882389384385273642324215724738835063",
                "307193932932608575538273208167705831698",
                "139963083082355081054987694254954411722",
                "181154449912201028302768243979563471015"
            ]
        },
        "target": {
            "file": "src/fmtutil.c"
        },
        "source": "https://github.com/jsummers/deark/commit/62acb7753b0e3c0d3ab3c15057b0a65222313334",
        "signature_type": "Line",
        "id": "CVE-2021-28856-a2b20c9c",
        "deprecated": false
    }
]