[Bug 1197580] New: VUL-1: CVE-2022-27938: libsixel: reachable assertion in stbi__create_png_image_raw
http://bugzilla.opensuse.org/show_bug.cgi?id=1197580 Bug ID: 1197580 Summary: VUL-1: CVE-2022-27938: libsixel: reachable assertion in stbi__create_png_image_raw Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other URL: https://smash.suse.de/issue/327304/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: idesmi@protonmail.com Reporter: thomas.leroy@suse.com QA Contact: security-team@suse.de Found By: --- Blocker: --- CVE-2022-27938 stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-27938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27938 https://github.com/saitoha/libsixel/issues/163 http://www.cvedetails.com/cve/CVE-2022-27938/ -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com