CVE-2021-37789
https://notcve.org/view.php?id=CVE-2021-37789
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. • https://github.com/nothings/stb/issues/1178 https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html • CWE-787: Out-of-bounds Write
CVE-2022-28048
https://notcve.org/view.php?id=CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac. • https://github.com/nothings/stb/issues/1293 https://github.com/nothings/stb/pull/1297 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5FXLM5XL77SNH4IPTSXOQD7XL4E2EMIN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I4HXIWU5HBOADXZVMREHT4YTO5WVYXEQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMBCMJGAZRQS55SNECUWZSC5URVLEZ5R • CWE-682: Incorrect Calculation