Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-43898

Published: 03/10/2023 Updated: 24/01/2024
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

Nothings stb 2.28 exists to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted pic file.

Vulnerable Product Search on Vulmon Subscribe to Product

nothings stb image.h 2.28

Vendor Advisories

Debian CVElist Bug Report Logs: libstb: CVE-2023-43898
Debian Bug report logs - #1053627 libstb: CVE-2023-43898 Package: src:libstb; Maintainer for src:libstb is Yangfl <mmyangfl@gmailcom>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 7 Oct 2023 15:03:01 UTC Severity: important Tags: security, upstream Found in version libstb/00~git202301295736b1 ...

References

CWE-476https://github.com/peccc/null-stbhttps://github.com/nothings/stb/issues/1452https://github.com/nothings/stb/pull/1454https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053627https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scriptingCVE-2024-5158XML external entityCVE-2024-4262CVE-2024-2036CVE-2024-4985CVE-2024-21791remote attackersCVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook