PT-2022-7204 · Unknown+2 · Stb Image.H+2

Nbickford-Nv · Published 2022-02-17 · Updated 2024-03-25 · CVE-2022-28041

CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: stb_image.h version 2.27

Description: The issue is related to an integer overflow in the stbi__jpeg_decode_block_prog_dc function, which can be exploited by attackers to cause a Denial of Service (DoS) via unspecified vectors. This can allow a remote attacker to disrupt the service.

Recommendations: For stb_image.h version 2.27, consider disabling the stbi__jpeg_decode_block_prog_dc function as a temporary workaround until a patch is available. Restrict access to the stb_image.h library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-09087
CVE-2022-28041
DLA-3305-1
MGASA-2023-0228
MGASA-2024-0088

Affected Products

Astra Linux
Debian
Stb Image.H