Lucene search
+L

147 matches found

OSV
OSV
added 2023/10/21 12:15 a.m.3 views

UBUNTU-CVE-2023-45662

stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...

8.1CVSS5.8AI score0.00691EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.4 views

stb_image Code Issue Vulnerability

stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from a vulnerability that may cause a program to crash...

7.5CVSS6.7AI score0.01137EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.8 views

stb_image Resource Management Error Vulnerability

stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from a possible double release...

8.8CVSS6.8AI score0.00867EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.4 views

stb_image buffer error vulnerability

stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from the possibility of an out-of-bounds read...

8.1CVSS6.8AI score0.00691EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/10/21 12:0 a.m.5 views

stb_image Security Vulnerability

stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from the possibility of an out-of-bounds read...

5.5CVSS6.8AI score0.00657EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/10/20 11:26 p.m.18 views

CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

5.3CVSS6.7AI score0.01137EPSS
Exploits0References6
CVE
CVE
added 2023/10/20 11:26 p.m.50 views

CVE-2023-45667

CVE-2023-45667 concerns the stb_image single-file library. The issue arises when stbi__load_gif_main fails inside stbi_load_gif_from_memory, returning a null pointer and potentially leaving z uninitialized. If the caller additionally requests a vertical flip, the code proceeds to call stbi__verti...

7.5CVSS6.2AI score0.01137EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2023/10/20 11:26 p.m.35 views

CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

5.3CVSS8.7AI score0.01137EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2023/10/20 11:26 p.m.56 views

CVE-2023-45667

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

7.5CVSS7.3AI score0.01137EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/10/20 11:26 p.m.75 views

CVE-2023-45667

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

7.5CVSS7.5AI score0.01137EPSS
Exploits0
Cvelist
Cvelist
added 2023/10/20 11:26 p.m.37 views

CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

7.3CVSS9.6AI score0.00959EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2023/10/20 11:26 p.m.15 views

CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

7.3CVSS6.8AI score0.00959EPSS
Exploits0References6
CVE
CVE
added 2023/10/20 11:26 p.m.97 views

CVE-2023-45666

CVE-2023-45666 is a memory-management issue in the single-file library stb_image. The Astra Linux advisory describes that in stbi__load_gif_main, *delays may not be reset to zero when the image is not GIF, and stbi__load_gif_main_outofmem may free memory in *delays without resetting it. If stbi__...

9.8CVSS8.3AI score0.00959EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2023/10/20 11:26 p.m.76 views

CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

9.8CVSS9.5AI score0.00959EPSS
Exploits0
OSV
OSV
added 2023/10/20 11:26 p.m.5 views

CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

7.3CVSS8.3AI score0.00959EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2023/10/20 11:26 p.m.57 views

CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

9.8CVSS8.4AI score0.00959EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/10/20 11:26 p.m.34 views

CVE-2023-45664

stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...

8.8CVSS8.8AI score0.00867EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/10/20 11:26 p.m.31 views

CVE-2023-45664 Double-free in stbi__load_gif_main_outofmem in stb_image

stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...

7.3CVSS7.1AI score0.00867EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/10/20 11:26 p.m.44 views

CVE-2023-45664 Double-free in stbi__load_gif_main_outofmem in stb_image

stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...

7.3CVSS9.4AI score0.00867EPSS
Exploits0References5
CVE
CVE
added 2023/10/20 11:26 p.m.85 views

CVE-2023-45664

CVE-2023-45664 concerns stb_image. The affected code path is in stbi__load_gif_main where, if layers*stride equals zero, realloc may free the old memory and return NULL, leading to a double-free of the out variable. This can occur in a multi-threaded environment and, per the provided documents, m...

8.8CVSS7.8AI score0.00867EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder