Every CVE whose affected-product data names Stb Project Stb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2019-15058 — CVSS 9.1 (critical): stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or…
CVE-2022-28048 — CVSS 8.8 (high): STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.
CVE-2021-37789 — CVSS 8.1 (high): stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.
CVE-2021-28021 — CVSS 7.8 (high): Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.