Open waugustus opened 2 years ago
Can you report the issue to the new upstream at https://github.com/libsixel/libsixel ?
Can you report the issue to the new upstream at https://github.com/libsixel/libsixel ?
OK, and thank you for your suggestion.
CVE-2022-29977 assigned.
Description
There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted jpg file.
Version
img2sixel 1.8.6, commit id 6a5be8b72d84037b83a5ea838e17bcf372ab1d5f (Tue Jan 14 02:27:00 2020 +0900)
Reproduction
poc.zip
Platfrom