Lucene search
K

4 matches found

CVE
CVE
added 2021/10/15 12:0 a.m.120 views

CVE-2021-28021

CVE-2021-28021 is a buffer overflow in stb_image.h (stb 2.26) inside the function stbi__extend_receive triggered by a crafted JPEG file. Connected advisories confirm affected libraries libstb/stb and related packages across multiple distros (Debian, Gentoo, SUSE, Nessus plugins). Impact per sourc...

7.8CVSS7.5AI score0.01334EPSS
CVE
CVE
added 2022/04/15 1:6 p.m.85 views

CVE-2022-28048

CVE-2022-28048 affects the STB library (STB v2.27) in the component stbi__jpeg_decode_block_prog_ac, causing an integer shift of invalid size. The connected records (Astra Linux entry and Gentoo GLSA) corroborate the affected library and version. Gentoo GLSA 2024-09-15 links to the same issue and...

8.8CVSS8.6AI score0.01557EPSS
CVE
CVE
added 2022/11/02 12:0 a.m.68 views

CVE-2021-37789

CVE-2021-37789 corresponds to a heap-based buffer overflow in the JPEG loader of stb_image.h 2.27 (stbi__jpeg_load). Public details in connected docs identify the affected library as stb_image (stb) and confirm the vulnerability can cause Information Disclosure or Denial of Service. Several entri...

8.1CVSS7.8AI score0.00785EPSS
CVE
CVE
added 2019/08/14 8:30 p.m.65 views

CVE-2019-15058

CVE-2019-15058 affects stb_image.h (stb_image loader) version 2.23. A heap-based buffer over-read in stbi__tga_load leads to Information Disclosure or Denial of Service. Documented impact includes possibly exposing data or causing service disruption. Exploitation details are not provided in the s...

9.1CVSS9AI score0.02796EPSS