peccc
/ gist:d8761f6ac45ad55cbd194dd7e6fdfdac
Created
October 4, 2023 08:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2023-43281 | |
| [PRODUCT] | |
| Nothings(https://github.com/nothings/stb) Stb Image.h | |
| [VERSION] | |
| 2.28 | |
| [PROBLEM TYPE] | |
| Double free | |
| [DESCRIPTION] | |
| Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function. |
peccc
/ gist:2905a6832ff75408b69edbd615e155e1
Created
September 30, 2023 13:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [CVE ID] | |
| CVE-2023-43898 | |
| [PRODUCT] | |
| Nothings(https://github.com/nothings/stb) Stb Image.h | |
| [VERSION] | |
| 2.28 | |
| [PROBLEM TYPE] | |
| Null Pointer Dereference | |
| [DESCRIPTION] | |
| Nothings stb_image.h v2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file. |