Vulnerability CVE-2021-42715: Information
Description
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/nothings/stb/issues/1224 |
|
https://github.com/nothings/stb/pull/1223 |
|
[debian-lts-announce] 20230131 [SECURITY] [DLA 3305-1] libstb security update |
|
FEDORA-2021-001f25d986 | |
FEDORA-2021-d1446cd1ac | |
FEDORA-2021-f8ba4a690e | |
FEDORA-2021-0511a38484 | |
FEDORA-2021-082bea5b34 | |
FEDORA-2021-3fc69d203c | |
FEDORA-2021-8ea648186c | |
FEDORA-2021-16d848834d | |
FEDORA-2022-832689aa6b |