4 matches found
CVE-2021-28021
CVE-2021-28021 is a buffer overflow in stb_image.h (stb 2.26) inside the function stbi__extend_receive triggered by a crafted JPEG file. Connected advisories confirm affected libraries libstb/stb and related packages across multiple distros (Debian, Gentoo, SUSE, Nessus plugins). Impact per sourc...
CVE-2022-28048
CVE-2022-28048 affects the STB library (STB v2.27) in the component stbi__jpeg_decode_block_prog_ac, causing an integer shift of invalid size. The connected records (Astra Linux entry and Gentoo GLSA) corroborate the affected library and version. Gentoo GLSA 2024-09-15 links to the same issue and...
CVE-2021-37789
CVE-2021-37789 corresponds to a heap-based buffer overflow in the JPEG loader of stb_image.h 2.27 (stbi__jpeg_load). Public details in connected docs identify the affected library as stb_image (stb) and confirm the vulnerability can cause Information Disclosure or Denial of Service. Several entri...
CVE-2019-15058
CVE-2019-15058 affects stb_image.h (stb_image loader) version 2.23. A heap-based buffer over-read in stbi__tga_load leads to Information Disclosure or Denial of Service. Documented impact includes possibly exposing data or causing service disruption. Exploitation details are not provided in the s...