nicbarker clay clay.h Clay__MeasureTextCached null pointer dereference

A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function Clay__MeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

空指针解引用

Clay 代码问题漏洞

Clay是Nic Barker个人开发者的一个高性能UI布局库。 Clay 0.14及之前版本存在代码问题漏洞，该漏洞源于clay.h库中Clay__MeasureTextCached函数存在空指针取消引用，可能导致本地攻击。

N/A

N/A