Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1wcGpyLTI2N2otNXA5eM4AAyMh

NULL pointer derefernce in `stb_image`

A bug in error handling in the stb_image C library could cause a NULL pointer dereference when attempting to load an invalid or unsupported image file. This is fixed in version 0.2.5 and later of the stb_image Rust crate, by patching the C code to correctly handle NULL pointers.

Permalink: https://github.com/advisories/GHSA-ppjr-267j-5p9x
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wcGpyLTI2N2otNXA5eM4AAyMh
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 1 year ago
Updated: over 1 year ago


Identifiers: GHSA-ppjr-267j-5p9x
References: Repository: https://github.com/servo/rust-stb-image
Blast Radius: 0.0

Affected Packages

cargo:stb_image
Dependent packages: 7
Dependent repositories: 13
Downloads: 132,132 total
Affected Version Ranges: < 0.2.5
Fixed in: 0.2.5
All affected versions: 0.1.0, 0.2.1, 0.2.2, 0.2.3, 0.2.4
All unaffected versions: 0.2.5, 0.3.0