stb — Vulnerabilities & Security Advisories 24

All 24 CVE vulnerabilities found in stb, with AI-generated Chinese analysis, references, and POCs.

Vendor: nothings

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-5317 | Nothings stb stb_vorbis.c start_decoder out-of-bounds write | CWE-787 | 6.3 | Medium | 2026-04-02 |
| CVE-2026-5316 | Nothings stb stb_vorbis.c setup_free allocation of resources | CWE-770 | 4.3 | Medium | 2026-04-02 |
| CVE-2026-5315 | Nothings stb TTF File stb_truetype.h stbtt__buf_get8 out-of-bounds | CWE-125 | 4.3 | Medium | 2026-04-01 |
| CVE-2026-5314 | Nothings stb TTF File stb_truetype.h stbtt_InitFont_internal out-of-bounds | CWE-125 | 4.3 | Medium | 2026-04-01 |
| CVE-2026-5313 | Nothings stb GIF Decoder stb_image.h stbi__gif_load_next denial of service | CWE-404 | 4.3 | Medium | 2026-04-01 |
| CVE-2026-5186 | Nothings stb Multi-frame GIF File stb_image.h stbi__load_gif_main double free | CWE-415 | 5.3 | Medium | 2026-03-31 |
| CVE-2025-3409 | Nothings stb stb_include_string stack-based overflow | CWE-121 | 6.3 | Medium | 2025-04-08 |
| CVE-2025-3408 | Nothings stb stb_dupreplace integer overflow | CWE-190 | 6.3 | Medium | 2025-04-08 |
| CVE-2025-3407 | Nothings stb stbhw_build_tileset_from_image out-of-bounds | CWE-125 | 6.3 | Medium | 2025-04-08 |
| CVE-2025-3406 | Nothings stb Header Array stbhw_build_tileset_from_image out-of-bounds | CWE-125 | 4.3 | Medium | 2025-04-08 |
| CVE-2023-45682 | Wild address read in vorbis_decode_packet_rest in stb_vorbis | CWE-125 | 5.3 | Medium | 2023-10-20 |
| CVE-2023-45681 | Out of bounds heap buffer write in stb_vorbis | CWE-787 | 7.3 | High | 2023-10-20 |
| CVE-2023-45680 | Null pointer dereference in vorbis_deinit in stb_vorbis | CWE-476 | 5.3 | Medium | 2023-10-20 |
| CVE-2023-45679 | Attempt to free an uninitialized memory pointer in vorbis_deinit in stb_vorbis | CWE-415 | 7.3 | High | 2023-10-20 |
| CVE-2023-45678 | Off-by-one heap buffer write in start_decoder in stb_vorbis | CWE-787 | 6.5 | Medium | 2023-10-20 |
| CVE-2023-45677 | Heap buffer out of bounds write in start_decoder in stb_vorbis | CWE-787 | 7.3 | High | 2023-10-20 |
| CVE-2023-45676 | Multi-byte write heap buffer overflow in start_decoder in stb_vorbis | CWE-787 | 7.3 | High | 2023-10-20 |
| CVE-2023-45675 | 0 byte write heap buffer overflow in start_decoder in stb_vorbis | CWE-787 | 6.5 | Medium | 2023-10-20 |
| CVE-2023-45667 | Null pointer dereference because of an uninitialized variable in stb_image | CWE-476 | 5.3 | Medium | 2023-10-20 |
| CVE-2023-45666 | Possible double-free or memory leak in stbi__load_gif_main in stb_image | CWE-415 | 7.3 | High | 2023-10-20 |
| CVE-2023-45664 | Double-free in stbi__load_gif_main_outofmem in stb_image | CWE-415 | 7.3 | High | 2023-10-20 |
| CVE-2023-45663 | Disclosure of uninitialized memory in stbi__tga_load in stb_image | CWE-908 | 5.3 | Medium | 2023-10-20 |
| CVE-2023-45662 | Multi-byte read heap buffer overflow in stbi__vertical_flip in stb_image | CWE-125 | 6.5 | Medium | 2023-10-20 |
| CVE-2023-45661 | Wild address read in stbi__gif_load_next in stb_image | CWE-125 | 6.5 | Medium | 2023-10-20 |