Home > Vulnerability Database > CVE-2021-26826

Mend.io Vulnerability Database

CVE-2021-26826

Date: February 8, 2021

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.

Language: C++

Severity Score

7.8

Related Resources (5)

Url: https://github.com/godotengine/godot/pull/45701

Url: https://security-tracker.debian.org/tracker/CVE-2021-26826

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-26826

Url: https://github.com/godotengine/godot/pull/45701/commits/403e4fd08b0b212e96f53d926e6273e0745eaa5a

Url: https://www.mend.io/vulnerability-database/CVE-2021-26826

Severity Score

7.8

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-26826

Date: February 8, 2021

Language: C++

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?