rpm package
suse/zxing-cpp&distro=SUSE Linux Enterprise Workstation Extension 12 SP5
pkg:rpm/suse/zxing-cpp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-42716 | — | < 1.2.0-8.6.1 | 1.2.0-8.6.1 | Oct 21, 2021 | An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service us | ||
| CVE-2021-42715 | — | < 1.2.0-8.6.1 | 1.2.0-8.6.1 | Oct 21, 2021 | An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted H | ||
| CVE-2021-28021 | — | < 1.2.0-8.6.1 | 1.2.0-8.6.1 | Oct 15, 2021 | Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file. | ||
| CVE-2014-3566 | Low | 3.4 | < 1.2.0-8.3.3 | 1.2.0-8.3.3 | Oct 15, 2014 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
- CVE-2021-42716Oct 21, 2021affected < 1.2.0-8.6.1fixed 1.2.0-8.6.1
An issue was discovered in stb stb_image.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting to RGBA, leading to a buffer overflow when later reinterpreting the result as a 16-bit buffer. An attacker could potentially have crashed a service us
- CVE-2021-42715Oct 21, 2021affected < 1.2.0-8.6.1fixed 1.2.0-8.6.1
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted H
- CVE-2021-28021Oct 15, 2021affected < 1.2.0-8.6.1fixed 1.2.0-8.6.1
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
- affected < 1.2.0-8.3.3fixed 1.2.0-8.3.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.