Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Disclosure of uninitialized memory in stbi__tga_load in stb_image
Vulnerability Description
stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the file stream points to the end, it returns zero. There are two places where its return value is not checked: In the `stbi__hdr_load` function and in the `stbi__tga_load` function. The latter of the two is likely more exploitable as an attacker may also control the size of an uninitialized buffer.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
对未经初始化资源的使用
Vulnerability Title
stb_image 安全漏洞
Vulnerability Description
stb是一款用于C/C ++的单文件公共域库。 stb_image 存在安全漏洞,该漏洞源于可能会导致越界读取。
CVSS Information
N/A
Vulnerability Type
N/A