CVE-2021-27799

HIGH

Zint Barcode Generator 2.9.1 - Buffer Overflow

Title source: llm
STIX 2.1

Description

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code.

References (5)

Core 5
Core References
Exploit, Third Party Advisory x_refsource_misc
https://sourceforge.net/p/zint/tickets/218/
Vendor Advisory x_refsource_misc
http://zint.org.uk/Manual.aspx?type=p&page=3
Vendor Advisory x_refsource_misc
http://zint.org.uk/Manual.aspx?type=p&page=4
Vendor Advisory x_refsource_misc
http://zint.org.uk/Manual.aspx?type=p&page=5

Scores

CVSS v3 7.5
EPSS 0.0237
EPSS Percentile 81.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-787
Status published
Products (1)
zint/barcode_generator 2.9.1
Published Feb 26, 2021
Tracked Since Feb 18, 2026