CVE-2022-29977
published 2022-05-11CVE-2022-29977: There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libsixel | < libsixel 1:1.8.7-1 (forky) | libsixel 1:1.8.7-1 (forky) |
| libsixel_project | libsixel | >= 0 < 1:1.8.7-1 | 1:1.8.7-1 |
| saitoha | libsixel | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM