CVE-2019-15058

Name of the Vulnerable Software and Affected Versions stb image.h version 2.23

Description The issue is related to a heap-based buffer over-read in the stbi tga load function, which can lead to Information Disclosure or Denial of Service. This can be exploited by a remote attacker to gain access to confidential data or cause a service disruption.

Recommendations For version 2.23, consider disabling the stbi tga load function as a temporary workaround until a patch is available. Restrict access to sensitive data handled by the stb image.h library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.