CVE-2019-19777
First published: Fri Dec 13 2019(Updated: )
stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Libsixel Project Libsixel | =1.8.2 | |
| Nothings Stb Image.h | =2.23 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-19777.
What is the severity of CVE-2019-19777?
The severity of CVE-2019-19777 is high with a severity value of 8.8.
What is the affected software for CVE-2019-19777?
The affected software for CVE-2019-19777 includes libsixel version 1.8.2 and stb_image.h version 2.23.
What is the CWE ID for CVE-2019-19777?
The CWE ID for CVE-2019-19777 is 125.
Is there a reference for CVE-2019-19777?
Yes, there is a reference for CVE-2019-19777. You can find it at https://github.com/saitoha/libsixel/issues/109.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/libsixel project
- canonical/libsixel project libsixel
- version/libsixel project libsixel/1.8.2
- vendor/nothings
- canonical/nothings stb image.h
- version/nothings stb image.h/2.23