Описание
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nothings:stb_truetype.h:1.26:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.0044
Низкий
6.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-787
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 4 года назад
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.
CVSS3: 6.5
debian
почти 4 года назад
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ...
CVSS3: 7.5
github
почти 4 года назад
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h.
EPSS
Процентиль: 63%
0.0044
Низкий
6.5 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-787