Lucene search
+L

11 matches found

EUVD
EUVD
added 2026/03/31 9:31 a.m.3 views

EUVD-2026-17340

A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...

5.3CVSS5.7AI score0.00113EPSS
Exploits0References4
Veracode
Veracode
added 2023/10/31 7:22 a.m.19 views

Denial Of Service (DoS)

libstb.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the stbiloadgiffrommemory function at stbimage.h due to the function call of stbiloadgifmain which allows an attacker to cause an application crash...

6.5CVSS6.9AI score0.01029EPSS
Exploits1References9Affected Software1
Veracode
Veracode
added 2023/10/26 7:17 a.m.21 views

Double Free

libstb.so is vulnerable to Double Free. The vulnerability is caused due to a function stbiloadgifmain when it returns a null value and fails to free memory in delays variable if stbiconvertformat function is called internally and it fails. This can lead to a memory leak or double-free error if an...

9.8CVSS7AI score0.00959EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2023/10/21 12:15 a.m.8 views

CVE-2023-45664

stbimage is a single file MIT licensed library for processing images. A crafted image file can trigger stbiloadgifmainoutofmem attempt to double-free the out variable. This happens in stbiloadgifmain because when the layers stride value is zero the behavior is implementation defined, but common...

8.8CVSS8.3AI score0.00867EPSS
Exploits0References5
NVD
NVD
added 2023/10/21 12:15 a.m.17 views

CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

9.8CVSS8.4AI score0.00959EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2023/10/20 11:26 p.m.40 views

CVE-2023-45667

stbimage is a single file MIT licensed library for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbiverticalflipslices with th...

7.5CVSS7.3AI score0.01137EPSS
Exploits0
Cvelist
Cvelist
added 2023/10/20 11:26 p.m.37 views

CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

7.3CVSS9.6AI score0.00959EPSS
Exploits0References6
CVE
CVE
added 2023/10/20 11:26 p.m.96 views

CVE-2023-45666

CVE-2023-45666 is a memory-management issue in the single-file library stb_image. The Astra Linux advisory describes that in stbi__load_gif_main, *delays may not be reset to zero when the image is not GIF, and stbi__load_gif_main_outofmem may free memory in *delays without resetting it. If stbi__...

9.8CVSS8.3AI score0.00959EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 11:26 p.m.15 views

CVE-2023-45666 Possible double-free or memory leak in stbi__load_gif_main in stb_image

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

7.3CVSS6.8AI score0.00959EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2023/10/20 11:26 p.m.51 views

CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

9.8CVSS8.4AI score0.00959EPSS
Exploits0
Debian CVE
Debian CVE
added 2023/10/20 11:26 p.m.57 views

CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

9.8CVSS9.5AI score0.00959EPSS
Exploits0
Rows per page
Query Builder