Page 3 of 15 results (0.005 seconds)

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 2

CVE-2021-42716

https://notcve.org/view.php?id=CVE-2021-42716

An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service using stb_image, or read up to 1024 bytes of non-consecutive heap data without control over the read location. Se ha detectado un problema en stb stb_image.h versión 2.27. El cargador de PNM interpretaba incorrectamente los archivos PGM de 16 bits como de 8 bits cuando los convertía a RGBA, conllevando a un desbordamiento del búfer cuando se reinterpreta posteriormente el resultado como un búfer de 16 bits. • https://github.com/nothings/stb/issues/1166 https://github.com/nothings/stb/issues/1225 https://github.com/nothings/stb/pull/1223 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY https://lists.fedoraproject.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-42715

https://notcve.org/view.php?id=CVE-2021-42715

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files. Se ha detectado un problema en stb stb_image.h versiones 1.33 hasta 2.27. El cargador HDR analizaba líneas de exploración RLE truncadas al final del archivo como una secuencia infinita de ejecuciones de longitud cero. • https://github.com/nothings/stb/issues/1224 https://github.com/nothings/stb/pull/1223 https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3TDGZFLBOP27LZKLH45WQLSNPSPP7S7Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AF2CNP4FVC6LDKNOO4WDCGNDYIP3MPK6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEGXBDEMTFGINETMJENBZ6SCHVEJQJSY https: • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2019-20056

https://notcve.org/view.php?id=CVE-2019-20056

stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned. stb_image.h (también se conoce como stb image loader) versión 2.23, como es usado en libsixel y otros productos, tiene un fallo de aserción en stbi__shiftsigned. • https://github.com/saitoha/libsixel/issues/126 • CWE-617: Reachable Assertion •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2019-19777

https://notcve.org/view.php?id=CVE-2019-19777

stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. stb_image.h (también se conoce como stb image loader) versión 2.23, como es usado en libsixel y otros productos, presenta una lectura excesiva del búfer en la región heap de la memoria en la función stbi__load_main. • https://github.com/saitoha/libsixel/issues/109 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2018-16981

https://notcve.org/view.php?id=CVE-2018-16981

stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. stb stb_image.h 2.19, tal y como se emplea en catimg, Emscripten y otros productos, tiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función stbi__out_gif_code. • https://github.com/nothings/stb/issues/656 https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html • CWE-787: Out-of-bounds Write •