Astra Linux - уязвимость в libstb

A issue was discovered in stbstbimage.h 2.27. The PNM loader incorrectly interpreted 16-bit PGM files as 8-bit when converting them to RGBA format. This led to a buffer overflow when the result was re-interpreted as a 16-bit buffer. An attacker could potentially use stbimage to crash a service, o...

Astra Linux - уязвимость в libstb

stbimage.h also known as the stb image loader, version 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

Astra Linux - уязвимость в libstb

A issue was discovered in stbstbimage.h versions 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length data. An attacker could potentially cause a denial of service in applications that use stbimage by submitting crafted HDR files...

stb-image-cwe674-poc

PoC — stbimage v2.30 GIF stbioutgifcode 무한 재귀 DoS...

stb-image-cwe190-poc

PoC — stbimage v2.30 stbiconvertformat16 integer overf...

Astra Linux - уязвимость в libstb

stbimage is a single-file library licensed under MIT that is used for processing images. A properly crafted image file may trigger an out-of-bounds memcpy read in stbigifloadnext. This occurs because twoback points to a memory address that is lower than the start of the buffer. This issue could b...

Astra Linux - уязвимость в libstb

It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

Fedora 44 : stb (2026-f45664a58a)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f45664a58a advisory. Fix access/use of uninitialized memory in stbimage Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...

Fedora 43 : stb (2026-0a9a99c841)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0a9a99c841 advisory. Fix access/use of uninitialized memory in stbimage Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...

Fedora 42 : stb (2026-651e3129a9)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-651e3129a9 advisory. Fix access/use of uninitialized memory in stbimage Tenable has extracted the preceding description block directly from the Fedora security advisory. Note tha...

UBUNTU-CVE-2026-5313

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

Linux Distros Unpatched Vulnerability : CVE-2026-5185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-fra...

SUSE CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

SUSE CVE-2026-5186

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

EUVD-2026-17337

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

EUVD-2026-17340

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

CVE-2026-5186 Nothings stb Multi-frame GIF File stb_image.h stbi__load_gif_main double free

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

UBUNTU-CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

CVE-2026-5185

A security flaw in Nothings stb_image up to 2.30 affects the function stbi__gif_load_next in stb_image.h (Multi-frame GIF File Handler). The issue is a heap-based buffer overflow exploitable with local access. The exploit has been released publicly; vendor was contacted but did not respond. No re...

CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...