147 matches found
UBUNTU-CVE-2023-45662
stbimage is a single file MIT licensed library for processing images. When stbisetflipverticallyonload is set to TRUE and reqcomp is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger memc...
stb_image Code Issue Vulnerability
stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from a vulnerability that may cause a program to crash...
stb_image Resource Management Error Vulnerability
stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from a possible double release...
stb_image buffer error vulnerability
stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from the possibility of an out-of-bounds read...
stb_image Security Vulnerability
stb is a single-file public domain library for C/C ++. A security vulnerability exists in stbimage, which originates from the possibility of an out-of-bounds read...
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667
CVE-2023-45667 concerns the stb_image single-file library. The issue arises when stbi__load_gif_main fails inside stbi_load_gif_from_memory, returning a null pointer and potentially leaving z uninitialized. If the caller additionally requests a vertical flip, the code proceeds to call stbi__verti...
CVE-2023-45667 Null pointer dereference because of an uninitialized variable in stb_image
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45667
stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...
CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45666
CVE-2023-45666 is a memory-management issue in the single-file library stb_image. The Astra Linux advisory describes that in stbi__load_gif_main, *delays may not be reset to zero when the image is not GIF, and stbi__load_gif_main_outofmem may free memory in *delays without resetting it. If stbi__...
CVE-2023-45666
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45666
stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...
CVE-2023-45664
stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...
CVE-2023-45664 Double-free in stbi__load_gif_main_outofmem in stb_image
stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...
CVE-2023-45664 Double-free in stbi__load_gif_main_outofmem in stb_image
stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...
CVE-2023-45664
CVE-2023-45664 concerns stb_image. The affected code path is in stbi__load_gif_main where, if layers*stride equals zero, realloc may free the old memory and return NULL, leading to a double-free of the out variable. This can occur in a multi-threaded environment and, per the provided documents, m...