Vulnerabilities > Nothings > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-43281 | Double Free vulnerability in Nothings STB Image.H 2.28 Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function. | 6.5 |
| 2023-10-21 | CVE-2023-45663 | Unspecified vulnerability in Nothings STB Image.H 2.28 stb_image is a single file MIT licensed library for processing images. | 5.5 |
| 2023-10-21 | CVE-2023-45680 | NULL Pointer Dereference vulnerability in Nothings STB Vorbis.C 1.22 stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. | 5.5 |
| 2023-10-03 | CVE-2023-43898 | NULL Pointer Dereference vulnerability in Nothings STB Image.H 2.28 Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. | 5.5 |
| 2022-04-15 | CVE-2022-28041 | Integer Overflow or Wraparound vulnerability in multiple products stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. | 6.5 |
| 2022-03-17 | CVE-2022-25515 | Out-of-bounds Write vulnerability in Nothings STB Truetype.H 1.26 stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. | 6.5 |
| 2022-03-17 | CVE-2022-25516 | Out-of-bounds Write vulnerability in Nothings STB Truetype.H 1.26 stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. | 6.5 |
| 2021-10-21 | CVE-2021-42715 | Infinite Loop vulnerability in multiple products An issue was discovered in stb stb_image.h 1.33 through 2.27. | 5.5 |
| 2019-12-29 | CVE-2019-20056 | Reachable Assertion vulnerability in Nothings STB Image.H 2.23 stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has an assertion failure in stbi__shiftsigned. | 6.5 |