
NULL pointer dereference in `stb_image`

Moderate severity GitHub Reviewed Published Mar 20, 2023 to the GitHub Advisory Database • Updated Jul 19, 2023

Package

cargo stb_image (Rust)

Affected versions

< 0.2.5

Patched versions

0.2.5

Description

A bug in error handling in the stb_image C library could cause a NULL pointer dereference when attempting to load an invalid or unsupported image file. This is fixed in version 0.2.5 and later of the stb_image Rust crate, by patching the C code to correctly handle NULL pointers.

References

Published to the GitHub Advisory Database Mar 20, 2023
Reviewed Mar 20, 2023
Last updated Jul 19, 2023

Severity

Moderate

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-ppjr-267j-5p9x

Source code
