PT-2021-7967 · Unknown+2 · Stb Image.H+2
Published: 2021-07-22 · Updated: 2023-02-28 · CVE-2021-37789
CVSS v2.0: 9.4 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C
Name of the Vulnerable Software and Affected Versions
stb_image.h version 2.27
Description
The issue is related to a heap-based buffer overflow in the stbi__jpeg_load function of the stb_image.h library, which can lead to Information Disclosure or Denial of Service. This can be exploited by a remote attacker to gain access to confidential data or cause a service disruption.
Recommendations
For stb_image.h version 2.27, consider updating to a newer version that addresses the heap-based buffer overflow issue in the stbi__jpeg_load function. As a temporary workaround, consider restricting the use of the stbi__jpeg_load function to minimize the risk of exploitation.
Exploit
Fix
DoS
Memory Corruption
Affected Products
Astra Linux
Debian
Stb Image.H