Vulnerabilities > Nothings > STB Image H

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-43281 Double Free vulnerability in Nothings STB Image.H 2.28
Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.
network
low complexity
nothings CWE-415
6.5
6.5
2023-10-21 CVE-2023-45661 Out-of-bounds Read vulnerability in Nothings STB Image.H 2.28
stb_image is a single file MIT licensed library for processing images.
local
low complexity
nothings CWE-125
7.1
7.1
2023-10-21 CVE-2023-45662 Out-of-bounds Read vulnerability in Nothings STB Image.H 2.28
stb_image is a single file MIT licensed library for processing images.
network
low complexity
nothings CWE-125
8.1
8.1
2023-10-21 CVE-2023-45663 Use of Uninitialized Resource vulnerability in Nothings STB Image.H 2.28
stb_image is a single file MIT licensed library for processing images.
local
low complexity
nothings CWE-908
5.5
5.5
2023-10-21 CVE-2023-45664 Double Free vulnerability in Nothings STB Image.H 2.28
stb_image is a single file MIT licensed library for processing images.
network
low complexity
nothings CWE-415
8.8
8.8
2023-10-21 CVE-2023-45666 Double Free vulnerability in Nothings STB Image.H 2.28
stb_image is a single file MIT licensed library for processing images.
network
low complexity
nothings CWE-415
critical
 9.8
9.8
2023-10-21 CVE-2023-45667 NULL Pointer Dereference vulnerability in Nothings STB Image.H 2.28
stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitialized.
network
low complexity
nothings CWE-476
7.5
7.5
2023-10-03 CVE-2023-43898 NULL Pointer Dereference vulnerability in Nothings STB Image.H 2.28
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format.
local
low complexity
nothings CWE-476
5.5
5.5
2022-04-15 CVE-2022-28041 Integer Overflow or Wraparound vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc.
network
low complexity
nothings fedoraproject debian CWE-190
6.5
6.5
2022-04-15 CVE-2022-28042 Use After Free vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.
network
low complexity
nothings fedoraproject debian CWE-416
8.8
8.8