Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image
Vulnerability Description
stb_image is a single file MIT licensed library for processing images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and `req_comp` is set to a number that doesn’t match the real number of components per pixel, the library attempts to flip the image vertically. A crafted image file can trigger `memcpy` out-of-bounds read because `bytes_per_pixel` used to calculate `bytes_per_row` doesn’t match the real image array dimensions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
跨界内存读
Vulnerability Title
stb_image 缓冲区错误漏洞
Vulnerability Description
stb是一款用于C/C ++的单文件公共域库。 stb_image 存在安全漏洞,该漏洞源于可能会导致越界读取。
CVSS Information
N/A
Vulnerability Type
N/A