1. CVE-Search
  2. CVE-2021-26826
ID CVE-2021-26826
Summary A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.
References
Vulnerable Configurations
  • cpe:2.3:a:godotengine:godot_engine:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.0.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:2.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:2.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:godotengine:godot_engine:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:godotengine:godot_engine:3.2:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 11-02-2021 - 16:08)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
Last major update 11-02-2021 - 16:08
Published 08-02-2021 - 15:15
Last modified 11-02-2021 - 16:08
Back to Top