← Back

CVE-2022-27938

nvd nist
Published: Mar 26, 2022Modified: Apr 24, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw.

Affected (2)

Libsixel
1 product
Libsixel
Saitoha
1 product
Libsixel
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Libsixel
Before 1.10.4
Libsixel
Before 1.8.7

Related CWEs

CWE-617
Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (2)

Source: cve@mitre.org
ExploitIssue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchThird Party Advisory

Timeline

No history available yet.