Stb Project: >> Stb Security Vulnerabilities
stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.
CVSS Score
8.1
EPSS Score
0.001
Published
2022-11-02
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-04-15
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-10-15
stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service.
CVSS Score
9.1
EPSS Score
0.012
Published
2019-08-14