Stb Truetype.h

stb_truetype.h

Vendor: Nothings • 12 CVEs

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-5315 1Nothings 1Stb Truetype.h Apr 30, 2026 Apr 2, 2026 2.1 LOW· v4 8.8 HIGH· v3 5.0 MEDIUM· v2 A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of...Show more A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2026-5314 1Nothings 1Stb Truetype.h Apr 30, 2026 Apr 1, 2026 2.1 LOW· v4 8.8 HIGH· v3 5.0 MEDIUM· v2 A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds r...Show more A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2022-25516 1Nothings 1Stb Truetype.h Nov 21, 2024 Mar 17, 2022 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should...Show more stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function stbtt__find_table at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.Show less
CVE-2022-25515 1Nothings 1Stb Truetype.h Nov 21, 2024 Mar 17, 2022 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be...Show more stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttULONG() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.Show less
CVE-2022-25514 1Nothings 1Stb Truetype.h Nov 21, 2024 Mar 17, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only b...Show more stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.Show less
CVE-2020-6623 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.
CVE-2020-6622 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.
CVE-2020-6621 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT.
CVE-2020-6620 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.
CVE-2020-6619 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.
CVE-2020-6618 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table.
CVE-2020-6617 1Nothings 1Stb Truetype.h Nov 21, 2024 Jan 8, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.