Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nothings stb TTF File stb_truetype.h stbtt__buf_get8 out-of-bounds
Vulnerability Description
A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Vulnerability Type
跨界内存读
Vulnerability Title
stb 缓冲区错误漏洞
Vulnerability Description
stb是Sean Barrett个人开发者的一个用于C/C++的stb单文件公共域库。 stb 1.26及之前版本存在缓冲区错误漏洞,该漏洞源于TTF File Handler组件stb_truetype.h库中stbtt__buf_get8函数的操作可能导致越界读取,可能导致远程攻击。
CVSS Information
N/A
Vulnerability Type
N/A