VYPR
Unrated severityNVD Advisory· Published Oct 20, 2023· Updated Feb 13, 2025

Wild address read in stbi__gif_load_next in stb_image

CVE-2023-45661

Description

stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in stbi__gif_load_next. This happens because two_back points to a memory address lower than the start of the buffer out. This issue may be used to leak internal memory allocation information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.