Published: 15/04/2022 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

stb_image.h v2.27 exists to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nothings stb image.h 2.27
fedoraproject fedora 34
fedoraproject fedora 35
fedoraproject fedora 36
debian debian linux 10.0

Debian Bug report logs - #1014531 libstb: CVE-2022-28041 CVE-2022-28042 Package: src:libstb; Maintainer for src:libstb is Yangfl <mmyangfl@gmailcom>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Thu, 7 Jul 2022 15:45:04 UTC Severity: important Tags: security Reply or subscribe to this bug Toggle us ...

CWE-416 https://github.com/nothings/stb/issues/1289 https://github.com/nothings/stb/pull/1297 https://lists.debian.org/debian-lts-announce/2023/01/msg00045.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I4HXIWU5HBOADXZVMREHT4YTO5WVYXEQ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5FXLM5XL77SNH4IPTSXOQD7XL4E2EMIN/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMBCMJGAZRQS55SNECUWZSC5URVLEZ5R/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014531 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-28042

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect