Skip to main content

Libcaca

11 CVEs product

Monthly

CVE-2026-42046 HIGH PATCH This Week

libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by supplying a crafted file in the "caca" format. Depending on the build configuration and memory allocator, this may lead to memory corruption or remote code execution. This is the same vulnerability as CVE-2021-3410 but the fix at that time was not fully correct. Commit fb77acff9ba6bb01d53940da34fb10f20b156a23 fixes this vulnerability.

Heap Overflow RCE Buffer Overflow Libcaca
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-0856 MEDIUM POC This Month

libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libcaca Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
2.8%
CVE-2021-30499 HIGH POC This Week

A flaw was found in libcaca. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.2%
CVE-2021-30498 HIGH POC This Week

A flaw was found in libcaca. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libcaca Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.4%
CVE-2021-3410 HIGH POC This Week

A flaw was found in libcaca v0.99.beta19. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Libcaca Debian Linux Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
0.6%
CVE-2018-20549 HIGH POC This Week

There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Ubuntu Linux Debian Linux Fedora +1
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2018-20548 HIGH POC This Week

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Ubuntu Linux Fedora Leap
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2018-20547 HIGH POC This Week

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Ubuntu Linux Debian Linux Fedora +1
NVD
CVSS 3.1
8.1
EPSS
1.8%
CVE-2018-20546 HIGH POC PATCH This Week

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Libcaca Ubuntu Linux Fedora +2
NVD GitHub
CVSS 3.1
8.1
EPSS
2.3%
CVE-2018-20545 HIGH POC PATCH This Week

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Libcaca Ubuntu Linux Fedora +1
NVD GitHub
CVSS 3.1
8.8
EPSS
2.4%
CVE-2018-20544 MEDIUM POC This Month

There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libcaca Ubuntu Linux Debian Linux
NVD
CVSS 3.0
6.5
EPSS
1.9%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker to cause a controlled heap out-of-bounds write (heap overflow) by supplying a crafted file in the "caca" format. Depending on the build configuration and memory allocator, this may lead to memory corruption or remote code execution. This is the same vulnerability as CVE-2021-3410 but the fix at that time was not fully correct. Commit fb77acff9ba6bb01d53940da34fb10f20b156a23 fixes this vulnerability.

Heap Overflow RCE Buffer Overflow +1
NVD GitHub VulDB
EPSS 3% CVSS 6.5
MEDIUM POC This Month

libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libcaca Fedora
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

A flaw was found in libcaca. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Fedora
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

A flaw was found in libcaca. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Libcaca +1
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC This Week

A flaw was found in libcaca v0.99.beta19. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Libcaca +2
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Ubuntu Linux +3
NVD
EPSS 2% CVSS 8.8
HIGH POC This Week

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Ubuntu Linux +2
NVD
EPSS 2% CVSS 8.1
HIGH POC This Week

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Libcaca Ubuntu Linux +3
NVD
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Libcaca +4
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Libcaca +3
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Libcaca Ubuntu Linux +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy