Heap-Based Buffer Over-Read in stb_image.h (2.23): Information Disclosure and Denial of Service Vulnerability

Heap-Based Buffer Over-Read in stb_image.h (2.23): Information Disclosure and Denial of Service Vulnerability

CVE-2019-15058 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer over-read in stbi__tga_load, leading to Information Disclosure or Denial of Service.

Learn more about our Web Application Penetration Testing UK.