CVE-2019-19777

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
13/12/2019
Last modified:
17/06/2026

Description

stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:nothings:stb_image.h:2.23:*:*:*:*:*:*:*
cpe:2.3:a:saitoha:libsixel:1.8.2:*:*:*:*:*:*:*