{"affected":[{"ecosystem_specific":{"binaries":[{"libZXing1":"1.2.0-9.7.1","zxing-cpp-devel":"1.2.0-9.7.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"zxing-cpp","purl":"pkg:rpm/opensuse/zxing-cpp&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.0-9.7.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for zxing-cpp fixes the following issues:\n\n- CVE-2021-28021: Fixed buffer overflow vulnerability in function stbi__extend_receive in stb_image.h via a crafted JPEG file. (bsc#1191743).\n- CVE-2021-42715: Fixed buffer overflow in stb_image PNM loader (bsc#1191942).\n- CVE-2021-42716: Fixed denial of service in stb_image HDR loader when reading crafted HDR files (bsc#1191944).\n","id":"openSUSE-SU-2022:0157-1","modified":"2022-01-24T09:10:46Z","published":"2022-01-24T09:10:46Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TPIWID3WJ3SMCA23W52QU3RW6AU7JCA7/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191743"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191944"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-28021"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-42715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-42716"}],"related":["CVE-2021-28021","CVE-2021-42715","CVE-2021-42716"],"summary":"Security update for zxing-cpp","upstream":["CVE-2021-28021","CVE-2021-42715","CVE-2021-42716"]}