6 matches found
CVE-2026-5313
A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
Out-of-bounds Read
libstb.so s vulnerable to Out-of-bounds Read. The vulnerability is due to an incorrect calculation of the twoback pointer. This allows an attacker to exploit the out-of-bounds read with a crafted image file using memcpy in stbigifloadnext, This potentially leads to leaking internal memory...
CVE-2023-45661
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...
CVE-2023-45661 Wild address read in stbi__gif_load_next in stb_image
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...
CVE-2023-45661
CVE-2023-45661 affects the stb_image single-file library (stb_image.h). The vulnerability is an out-of-bounds memcpy read in stbi__gif_load_next caused by two_back pointing before the buffer start, which may leak internal memory allocation information. Public docs mention this issue (Astra Linux,...
CVE-2023-45661
stbimage is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbigifloadnext. This happens because twoback points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory...