Stb Truetype.h
by Nothings
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5315 | Med | 0.28 | 4.3 | 0.01 | Apr 2, 2026 | A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The… | ||
| CVE-2026-5314 | Med | 0.28 | 4.3 | 0.01 | Apr 1, 2026 | A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The… | ||
| CVE-2022-25514 | 0.00 | — | 0.01 | Mar 17, 2022 | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input. | |||
| CVE-2020-6620 | 0.00 | — | 0.01 | Jan 8, 2020 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8. | |||
| CVE-2020-6622 | 0.00 | — | 0.01 | Jan 8, 2020 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8. |
- risk 0.28cvss 4.3epss 0.01
A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The…
- risk 0.28cvss 4.3epss 0.01
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The…
- CVE-2022-25514Mar 17, 2022risk 0.00cvss —epss 0.01
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.
- CVE-2020-6620Jan 8, 2020risk 0.00cvss —epss 0.01
stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.
- CVE-2020-6622Jan 8, 2020risk 0.00cvss —epss 0.01
stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.