CVE-2021-26826: Out-of-bounds Write

February 8, 2021 (updated February 11, 2021)

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.

References

nvd.nist.gov/vuln/detail/CVE-2021-26826

Code Behaviors & Features

Detect and mitigate CVE-2021-26826 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →