CVE-2025-3409
- EPSS 0.49%
- Veröffentlicht 08.04.2025 04:31:03
- Zuletzt bearbeitet 19.05.2026 22:17:10
A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stb_include_string. The manipulation of the argument path_to_includes leads to stack-based buffer overflow. It is possible to initiate the ...
CVE-2025-3408
- EPSS 0.47%
- Veröffentlicht 08.04.2025 04:00:13
- Zuletzt bearbeitet 19.05.2026 22:19:54
A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with r...
CVE-2025-3407
- EPSS 0.45%
- Veröffentlicht 08.04.2025 04:00:11
- Zuletzt bearbeitet 19.05.2026 22:19:40
A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected by this vulnerability is the function stbhw_build_tileset_from_image. The manipulation of the argument h_count/v_count leads to out-of-bounds read. Th...
CVE-2025-3406
- EPSS 0.55%
- Veröffentlicht 08.04.2025 03:31:12
- Zuletzt bearbeitet 19.05.2026 22:20:06
A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhw_build_tileset_from_image of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds r...
CVE-2023-43281
- EPSS 1.03%
- Veröffentlicht 25.10.2023 18:17:31
- Zuletzt bearbeitet 21.11.2024 08:23:56
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.
CVE-2023-45667
- EPSS 1.14%
- Veröffentlicht 21.10.2023 00:15:09
- Zuletzt bearbeitet 21.11.2024 08:27:10
stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitialized. In case the caller also sets the flip vertica...
CVE-2023-45666
- EPSS 0.96%
- Veröffentlicht 21.10.2023 00:15:09
- Zuletzt bearbeitet 21.11.2024 08:27:10
stb_image is a single file MIT licensed library for processing images. It may look like `stbi__load_gif_main` doesn’t give guarantees about the content of output value `*delays` upon failure. Although it sets `*delays` to zero at the beginning, it d...
CVE-2023-45664
- EPSS 0.87%
- Veröffentlicht 21.10.2023 00:15:09
- Zuletzt bearbeitet 21.11.2024 08:27:10
stb_image is a single file MIT licensed library for processing images. A crafted image file can trigger `stbi__load_gif_main_outofmem` attempt to double-free the out variable. This happens in `stbi__load_gif_main` because when the `layers * stride` v...
CVE-2023-45662
- EPSS 0.69%
- Veröffentlicht 21.10.2023 00:15:08
- Zuletzt bearbeitet 21.11.2024 08:27:09
stb_image is a single file MIT licensed library for processing images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and `req_comp` is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip...
CVE-2023-45663
- EPSS 0.66%
- Veröffentlicht 21.10.2023 00:15:08
- Zuletzt bearbeitet 21.11.2024 08:27:10
stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. Th...