
We found results for “”
CVE-2021-28021
Good to know:

Date: October 14, 2021
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
Language: C
Severity Score
Related Resources (18)
Severity Score
Weakness Type (CWE)
Out-of-bounds Write
CWE-787Top Fix

Upgrade Version
Upgrade to version stb - cci.20210713;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.win-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.12.Sdk.win-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.30.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.linux-musl-arm64 - no_fix;torch-sys - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.osx-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.23.Sdk.osx-x64 - no_fix;mario-deluna/php-glfw - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.win-arm64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.12.Sdk.osx-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.30.Sdk.win-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.21.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.21.Sdk.osx-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.7.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.30.Sdk.osx-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.23.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.osx-arm64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.23.Sdk.win-x64 - no_fix;sixel-sys - 0.5.0;com.basemark.rocksolidsdk - 0.1.5;Microsoft.NET.Runtime.Emscripten.2.0.12.Sdk.win-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.linux-arm64 - no_fix;ffui - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.7.Sdk.osx-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.12.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.linux-musl-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.12.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.21.Sdk.win-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.34.Sdk.linux-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.3.1.7.Sdk.win-x64 - no_fix;Microsoft.NET.Runtime.Emscripten.2.0.12.Sdk.osx-x64 - no_fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | NETWORK |
Access Complexity (AC): | MEDIUM |
Authentication (AU): | NONE |
Confidentiality (C): | PARTIAL |
Integrity (I): | PARTIAL |
Availability (A): | PARTIAL |
Additional information: |