** DISPUTED ** stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.
References
Link | Resource |
---|---|
https://github.com/nothings/stb/issues/1287 | Exploit Issue Tracking Third Party Advisory |
https://github.com/nothings/stb/issues/1286 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2022-03-16 18:15
Updated : 2023-02-02 11:57
NVD link : CVE-2022-25516
Mitre link : CVE-2022-25516
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
nothings
- stb_truetype.h