Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nothings stb image.h vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43281
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote malicious user to cause a denial of service via a crafted file to the stbi_load_gif_main function.
Nothings Stb Image.h 2.28
NA
CVE-2023-45661
stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in `stbi__gif_load_next`. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to l...
Nothings Stb Image.h 2.28
NA
CVE-2023-45662
stb_image is a single file MIT licensed library for processing images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and `req_comp` is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A...
Nothings Stb Image.h 2.28
NA
CVE-2023-45663
stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its r...
Nothings Stb Image.h 2.28
NA
CVE-2023-45664
stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger `stbi__load_gif_main_outofmem` attempt to double-free the out variable. This happens in `stbi__load_gif_main` because when the `layers * stride` value is zero the behavior is i...
Nothings Stb Image.h 2.28
NA
CVE-2023-45666
stb_image is a single file MIT licensed library for processing images. It may look like `stbi__load_gif_main` doesn’t give guarantees about the content of output value `*delays` upon failure. Although it sets `*delays` to zero at the beginning, it doesn’t do it in cas...
Nothings Stb Image.h 2.28
NA
CVE-2023-45667
stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitialized. In case the caller also sets the flip vertically flag, it continues and call...
Nothings Stb Image.h 2.28
NA
CVE-2023-43898
Nothings stb 2.28 exists to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted pic file.
Nothings Stb Image.h 2.28
4.3
CVSSv2
CVE-2022-28041
stb_image.h v2.27 exists to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows malicious users to cause a Denial of Service (DoS) via unspecified vectors.
Nothings Stb Image.h 2.27
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2022-28042
stb_image.h v2.27 exists to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.
Nothings Stb Image.h 2.27
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »