PatchSiren

Nothings CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Nothings CVE published 2025-04-08

CVE-2025-3408

A critical integer overflow vulnerability exists in the `stb_dupreplace` function of Nothings stb image library, affecting versions up to commit f056911. The vulnerability can be triggered remotely through manipulation of the affected function, potentially leading to memory corruption or other undefined behavior. The stb library uses continuous delivery with rolling releases, meaning no traditional version [truncated]

MEDIUM Nothings CVE published 2025-04-08

CVE-2025-3407

A vulnerability in Nothings stb image library, specifically in the `stbhw_build_tileset_from_image` function, allows out-of-bounds read through manipulation of the `h_count` and `v_count` arguments. The vulnerability is remotely exploitable and affects versions up to commit f056911. The vendor uses a rolling release model and did not respond to disclosure attempts. The vulnerability was published on April [truncated]

MEDIUM Nothings CVE published 2025-04-08

CVE-2025-3406

A vulnerability in Nothings stb image library, specifically in the `stbhw_build_tileset_from_image` function of the Header Array Handler component, allows out-of-bounds read through manipulation of the `width` argument. The issue affects `stb_image.h` up to version 2.13 and can be exploited remotely. The vendor uses a rolling release model and did not respond to disclosure attempts.