
15 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in libstb

stb_image is a single-file library licensed under MIT that is used for processing images. The stbi__getn function reads a specified number of bytes from the context (usually a file) into the specified buffer. If the file stream points to the end of the file, it returns zero. There are two places where...

CVSS 5.5 | AI score 6 | EPSS 0.00143
Exploits 0 | References 1
AstraLinux
added 2026/05/20 5:53 a.m. | 5 views

Astra Linux - vulnerability in libstb

An issue was discovered in stb stb_image.h versions 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length data. An attacker could potentially cause a denial of service in applications that use stb_image by submitting crafted HDR files...

CVSS 5.5 | AI score 6.6 | EPSS 0.00177
Exploits 0 | References 2
Tenable Nessus
added 2026/03/01 12:0 a.m. | 3 views

Debian dla-4493 : libstb-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4493 advisory. Debian LTS Advisory DLA-4493-1 [email protected]...

CVSS 8.8 | AI score 6.2 | EPSS 0.01116
Exploits 4 | References 12
Debian
added 2026/02/26 8:21 a.m. | 4 views

[SECURITY] [DLA 4493-1] libstb security update

Debian LTS Advisory DLA-4493-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA February 26, 2026 https://wiki.debian.org/LTS -...

CVSS 8.8 | AI score 6.1 | EPSS 0.01116
Exploits 4
SUSE CVE
added 2023/10/24 12:59 a.m. | 1 views

SUSE CVE-2023-45663

stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...

CVSS 5.5 | AI score 6.9 | EPSS 0.00143
Exploits 0 | References 3
Snyk
added 2023/10/21 12:50 a.m. | 2 views

Use of Uninitialized Resource

Overview: Affected versions of this package are vulnerable to Use of Uninitialized Resource in the stbi__hdr_load and stbi__tga_load functions. An attacker can read a specified number of bytes from context into an uninitialized buffer by manipulating the file stream to point to the end. This is only...

CVSS 5.5 | AI score 7 | EPSS 0.00143
Exploits 0 | References 2
OSV
added 2022/02/18 12:14 a.m. | 4 views

MGASA-2022-0074 Updated zxing-cpp packages fix security vulnerability

Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file (CVE-2021-28021). An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An...

CVSS 7.8 | AI score 6.2 | EPSS 0.00251
Exploits 2 | References 3
OPENSUSE Linux
added 2022/01/24 12:0 a.m. | 40 views

Security update for zxing-cpp (important)

openSUSE Security Update: Security update for zxing-cpp Announcement ID: openSUSE-SU-2022:0157-1 Rating: important References: 1191743 1191942 1191944 Cross-References: CVE-2021-28021 CVE-2021-42715 CVE-2021-42716 CVSS scores: CVE-2021-28021 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...

CVSS 7.8 | AI score 6.8 | EPSS 0.00251
Exploits 2 | References 3
Mageia
added 2021/12/10 10:19 p.m. | 29 views

Updated curaengine packages fix security vulnerability

Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file (CVE-2021-28021). An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An...

CVSS 7.8 | AI score 2.3 | EPSS 0.00251
Exploits 2 | References 2
RedhatCVE
added 2021/10/27 5:20 p.m. | 38 views

CVE-2021-42715

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...

CVSS 6.2 | AI score 2.9 | EPSS 0.00177
Exploits 0 | References 3
CNVD
added 2021/10/25 12:0 a.m. | 22 views

stb stb_image.h has an unspecified vulnerability

stb is a single-file public domain library for C/C++. stb_image.h is one of the image loaders. stb stb_image.h contains a security vulnerability that stems from the HDR loader parsing truncated file-tailed RLE scan lines into an infinitely long zero-length sequence. An attacker could cause a denial o...

CVSS 5.5 | AI score 2.4 | EPSS 0.00177
Exploits 0 | References 1
Prion
added 2021/10/21 7:15 p.m. | 19 views

Code injection

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...

CVSS 4.3 | AI score 6.1 | EPSS 0.00177
Exploits 0 | References 12 | Affected Software 3
Cvelist
added 2021/10/21 12:0 a.m. | 20 views

CVE-2021-42715

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...

AI score 6.5 | EPSS 0.00177
Exploits 0 | References 12
CVE
added 2021/10/21 12:0 a.m. | 97 views

CVE-2021-42715

The CVE-2021-42715 issue concerns the HDR loader in the libstb component (stb_image.h) versions 1.33 through 2.27, where truncated end-of-file RLE scanlines are parsed as an infinite sequence of zero-length runs. This can allow a crafted HDR file to cause denial of service in applications using s...

CVSS 5.5 | AI score 6 | EPSS 0.00177
Exploits 0 | References 12 | Affected Software 1
Debian CVE
added 2021/10/21 12:0 a.m. | 27 views

CVE-2021-42715

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...

CVSS 5.5 | AI score 5.6 | EPSS 0.00177
Exploits 0