2179 matches found
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667
CVE-2023-45667 concerns the stb_image single-file library. The issue arises when stbi__load_gif_main fails inside stbi_load_gif_from_memory, returning a null pointer and potentially leaving z uninitialized. If the caller additionally requests a vertical flip, the code proceeds to call stbi__verti...
CVE-2023-45667
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45666
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45664 Double-free in stbi__load_gif_main_outofmem in stb_image
stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...
CVE-2023-45664
CVE-2023-45664 concerns stb_image. The affected code path is in stbi__load_gif_main where, if layers*stride equals zero, realloc may free the old memory and return NULL, leading to a double-free of the out variable. This can occur in a multi-threaded environment and, per the provided documents, m...
CVE-2023-45664
stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...
CVE-2023-45663
Summary (concrete details from connected docs): The vulnerability CVE-2023-45663 affects the single-file image library stb_image. The issue is in the stbi__getn function, which reads bytes into a buffer; in two loading paths (stbi__hdr_load and stbi__tga_load) the function’s return value is not c...
CVE-2023-45663
stbimage is a single file MIT licensed library for processing images. The stbigetn function reads a specified number of bytes from context typically a file into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not...
CVE-2023-45662
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45662
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45662
CVE-2023-45662 affects stb_image (stb_image.h). When stbi_set_flip_vertically_on_load is TRUE and the requested component count (req_comp) doesn’t match the actual components per pixel, memcpy can perform an out-of-bounds read because bytes_per_pixel used to compute bytes_per_row may not reflect ...
CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45662 Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...