VYPR

Stb Truetype.h

by Nothings

CVEs (5)

  • CVE-2026-5315MedApr 2, 2026
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The…

  • CVE-2026-5314MedApr 1, 2026
    risk 0.28cvss 4.3epss 0.01

    A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The…

  • CVE-2022-25514Mar 17, 2022
    risk 0.00cvss epss 0.01

    stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.

  • CVE-2020-6620Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.

  • CVE-2020-6622Jan 8, 2020
    risk 0.00cvss epss 0.01

    stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.