CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-43898

Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.9%

CVSS Severity

CVSS v3 Score 5.5

References

https://github.com/nothings/stb/issues/1452
https://github.com/nothings/stb/pull/1454
https://github.com/peccc/null-stb
https://github.com/nothings/stb/issues/1452
https://github.com/nothings/stb/pull/1454
https://github.com/peccc/null-stb

Products affected by CVE-2023-43898

Nothings » Stb Image.h » Version: 2.28

cpe:2.3:a:nothings:stb_image.h:2.28

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-43898

Products

Pricing

Contact Us