QwikSec

Security Database

CVE

CWE

Training

CVE-2021-42715

Published: Oct 21, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/nothings/stb/issues/1224

https://github.com/nothings/stb/pull/1223

FEDORA-2021-001f25d986

vendor-advisory

FEDORA-2021-d1446cd1ac

vendor-advisory

FEDORA-2021-f8ba4a690e

vendor-advisory

FEDORA-2021-0511a38484

vendor-advisory

FEDORA-2021-082bea5b34

vendor-advisory

FEDORA-2021-3fc69d203c

vendor-advisory

FEDORA-2021-8ea648186c

vendor-advisory

FEDORA-2021-16d848834d

vendor-advisory

FEDORA-2022-832689aa6b

vendor-advisory

[debian-lts-announce] 20230131 [SECURITY] [DLA 3305-1] libstb security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.