nothings stb image.h 2.28 vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-45666
stb_image is a single file MIT licensed library for processing images. It may look like `stbi__load_gif_main` doesn’t give guarantees about the content of output value `*delays` upon failure. Although it sets `*delays` to zero at the beginning, it doesn’t do it in cas...
Nothings Stb Image.h 2.28
8.8
CVSSv3
CVE-2023-45664
stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger `stbi__load_gif_main_outofmem` to attempt to double-free the out variable. This happens in `stbi__load_gif_main` because when the `layers * stride` value is zero the behavior is i...
Nothings Stb Image.h 2.28
8.1
CVSSv3
CVE-2023-45662
stb_image is a single file MIT licensed library for processing images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and `req_comp` is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A...
Nothings Stb Image.h 2.28
7.5
CVSSv3
CVE-2023-45667
stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitialized. In case the caller also sets the flip vertically flag, it continues and call...
Nothings Stb Image.h 2.28
7.1
CVSSv3
CVE-2023-45661
stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in `stbi__gif_load_next`. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to l...
Nothings Stb Image.h 2.28
6.5
CVSSv3
CVE-2023-43281
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote malicious user to cause a denial of service via a crafted file to the stbi_load_gif_main function.
Nothings Stb Image.h 2.28
5.5
CVSSv3
CVE-2023-45663
stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its r...
Nothings Stb Image.h 2.28
5.5
CVSSv3
CVE-2023-43898
Nothings stb 2.28 contains a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted pic file.
Nothings Stb Image.h 2.28