RSS   Vulnerabilities for 'Libsixel'   RSS

2022-05-11
 
CVE-2022-29977

CWE-617
 

 
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.

 
 
CVE-2022-29978

CWE-682
 

 
There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.

 
2022-04-08
 
CVE-2021-40656

CWE-787
 

 
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.

 
 
CVE-2021-41715

CWE-416
 

 
libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.

 
 
CVE-2022-27044

CWE-787
 

 
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.

 
 
CVE-2022-27046

CWE-416
 

 
libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.

 
2022-03-26
 
CVE-2022-27938

CWE-617
 

 
stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.

 
2022-03-10
 
CVE-2020-36123

CWE-415
 

 
saitoha libsixel v1.8.6 was discovered to contain a double free via the component sixel_chunk_destroy at /root/libsixel/src/chunk.c.

 
2022-01-25
 
CVE-2021-45340

CWE-476
 

 
In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component of libsixel allows attackers to cause a denial of service (DOS) via a crafted PICT file.

 
2021-08-10
 
CVE-2020-21677

CWE-787
 

 
A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service (DOS) via converting a crafted PNG file into Sixel format.

 


Copyright 2024, cxsecurity.com

 

Back to Top