Lucene search
Veracode Vulnerability DatabaseVERACODE:33913HistoryJan 26, 2022 - 9:46 a.m.
NULL Pointer Dereference
2022-01-2609:46:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
31.4%
libsixel.so is vulnerable to NULL pointer dereference. The vulnerability exists in stbi__convert_format in stb_image.h because the output is never checked for NULL when passed in from stbi__pic_load which leads to an overflow causing an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libsixel.so | le | 1.0.6 | |
| libsixel.so | le | 1.0.6 |
References
github.com/advisories/GHSA-7xr9-9g9p-xmfp
github.com/libsixel/libsixel/commit/924895c7ef79a1fcbbd04eb397ea38635539ad51#
github.com/libsixel/libsixel/commit/e6d658d6275f73d60c9392b7a3e66050bbe7ac9b
github.com/libsixel/libsixel/issues/51
github.com/libsixel/libsixel/pull/52
github.com/saitoha/libsixel/issues/160
Related
prion
prion
Null pointer dereference
2022-01-25 12:15:00
cnvd
cnvd
libsixel Denial of Service Vulnerability
2022-01-27 00:00:00
nvd
nvd
CVE-2021-45340
2022-01-25 12:15:07
ubuntucve
ubuntucve
CVE-2021-45340
2022-01-25 00:00:00
osv
osv
CVE-2021-45340
2022-01-25 12:15:07
cve
cve
CVE-2021-45340
2022-01-25 12:15:07
cvelist
cvelist
CVE-2021-45340
2022-01-25 11:36:09
debiancve
debiancve
CVE-2021-45340
2022-01-25 12:15:07