CVE-2023-45661
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Oct 21, 2023
Updated: Nov 4, 2023
CWE ID 125
Summary
CVE-2023-45661 is a vulnerability affecting the stb_image library, which is used for processing images. The issue involves an out-of-bounds memory read in the function `stbi__gif_load_next` of this library. This occurs when two_back, a pointer, points to a memory address below the start of the buffer. This vulnerability may be exploited to leak internal memory allocation information. This MIT-licensed library should be updated to address this security concern.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share