Stb Image
Monthly
Heap-based buffer overflow in Nothings stb_image library up to version 2.30 in the stbi__gif_load_next function allows local authenticated attackers to cause memory corruption with limited confidentiality, integrity, and availability impact. Public exploit code is available; however, the vulnerability requires local access and authenticated privilege level, significantly limiting real-world exploitation scope. The vendor has not responded to early disclosure attempts.
Heap-based buffer overflow in Nothings stb_image library up to version 2.30 in the stbi__gif_load_next function allows local authenticated attackers to cause memory corruption with limited confidentiality, integrity, and availability impact. Public exploit code is available; however, the vulnerability requires local access and authenticated privilege level, significantly limiting real-world exploitation scope. The vendor has not responded to early disclosure attempts.