CVE-2023-45667

Name of the Vulnerable Software and Affected Versions stb image (affected versions not specified)

Description The issue is related to the stbi load gif from memory component of the stb image library, which is a single file MIT licensed library for processing images. If stbi load gif main fails, it returns a null pointer and may keep the z variable uninitialized. In case the caller also sets the flip vertically flag, it continues and calls stbi vertical flip slices with the null pointer result value and the uninitialized z value. This may result in a program crash. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.