Lucene search
K

37 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libstb

stbimage.h 2.27 contains a heap-based buffer within stbijpegload, which can lead to information disclosure or denial of service...

8.1CVSS7.8AI score0.00785EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that is used for processing images. A properly crafted image file can trigger an attempt by stbiloadgifmainoutofmem to double-free the out variable. This occurs in stbiloadgifmain, because when the layers stride value is zero, the behavior is...

8.8CVSS7.9AI score0.00867EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that is used for processing images. When stbisetflipverticallyonload is set to TRUE, and reqcomp is set to a value that does not match the actual number of components per pixel, the library attempts to flip the image vertically. A specially...

8.1CVSS7.6AI score0.00691EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libstb

stbimage.h also known as the stb image loader, version 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

6.5CVSS6.4AI score0.00935EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libstb

stbvorbis is a single-file MIT licensed library for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len read from startdecoder is -1, then len + 1 becomes 0 when...

7.8CVSS7.9AI score0.00759EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT, used for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails, it returns a null pointer and may leave the z variable uninitialized. If the caller also sets the vertical flipping flag, the process continues by calling...

7.5CVSS7.2AI score0.01137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that is used for processing images. The stbigetn function reads a specified number of bytes from the context usually a file into the specified buffer. If the file stream points to the end of the file, it returns zero. There are two places where...

5.5CVSS5.6AI score0.00657EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in libstb

It was discovered that stbimage.h v2.27 contains a heap-based use-after-free issue due to the stbijpeghuffdecode function...

8.8CVSS7.9AI score0.01546EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libstb

It was discovered that STB v2.27 contains an integer shift of invalid size in the component stbijpegdecodeblockprogac...

8.8CVSS7.8AI score0.01513EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write operation in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz causes an...

7.8CVSS7.4AI score0.00518EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A properly crafted file may trigger an out-of-buffer write in the startdecoder function, because the maximum number of m-submaps is 16, but submapfloor and submapresidue are declared as arrays of 15 elements...

7.8CVSS7AI score0.0073EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux - уязвимость в libstb

It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

6.5CVSS6.8AI score0.0201EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libstb

STBVorbis is a single-file library licensed under MIT that processes OGG Vorbis files. A maliciously crafted file may cause memory writes to exceed the allocated heap buffer in startdecoder. The root cause of this issue is a potential integer overflow in sizeofchar f-commentlistlength, which may...

7.8CVSS7.6AI score0.00518EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT that is used for processing images. A properly crafted image file may trigger an out-of-bounds memcpy read in stbigifloadnext. This occurs because twoback points to a memory address that is lower than the start of the buffer. This issue could b...

7.1CVSS7AI score0.00574EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/01 12:0 a.m.6 views

Debian dla-4493 : libstb-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4493 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4493-1 [email protected]...

8.8CVSS6.2AI score0.0201EPSS
Exploits4References12
OpenVAS
OpenVAS
added 2026/02/27 12:0 a.m.4 views

Debian: Security Advisory (DLA-4493-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6AI score0.0201EPSS
Exploits4References2
Debian
Debian
added 2026/02/26 8:21 a.m.7 views

[SECURITY] [DLA 4493-1] libstb security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4493-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA February 26, 2026 https://wiki.debian.org/LTS -...

8.8CVSS6.1AI score0.0201EPSS
Exploits4
OSV
OSV
added 2026/02/26 12:0 a.m.6 views

DLA-4493-1 libstb - security update

Bulletin has no description...

8.8CVSS5.1AI score0.0201EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.6 views

The vulnerability of the C/C++ Libstb library, related to reading beyond the allowed buffer data limits, allows a hacker to cause a service failure.

The vulnerability of the C/C++ Libstb library lies in reading data beyond the allowed buffer limits. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using a specially created file...

5.3CVSS6.7AI score0.0056EPSS
Exploits0References10Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.4 views

The vulnerability of C/C++ Libstb libraries, related to writing beyond buffer boundaries, allows attackers to compromise data integrity and cause service failures.

The vulnerability of the C/C++ Libstb library lies in the writing beyond buffer boundaries. Exploiting this vulnerability can allow a malicious actor to compromise data integrity and also cause service failures through the use of a specially created file...

6.5CVSS7.1AI score0.0073EPSS
Exploits0References9Affected Software2
Rows per page
Query Builder