CVE-2023-43281 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 44%

Vendor	Product	Version
nothings	stb_image.h	2.28

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

arm-compute-library

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	dne
bionic	ignored
xenial	ignored
trusty	ignored

armnn

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	dne
bionic	ignored
xenial	ignored
trusty	ignored

bibledit

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	ignored
trusty	ignored

bibledit-cloud

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	ignored
xenial	ignored
trusty	ignored

emscripten

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	dne
bionic	needs-triage
xenial	needs-triage
trusty	ignored

goxel

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	ignored
trusty	ignored

libsfml

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	ignored

libstb

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	ignored
xenial	ignored
trusty	ignored

love

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	ignored

mame

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	ignored

timg

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	dne
bionic	ignored
xenial	ignored
trusty	ignored

tiny-dnn

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	dne
focal	dne
bionic	ignored
xenial	ignored
trusty	ignored

utox

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	needs-triage
bionic	ignored
xenial	ignored
trusty	ignored

visp

oracular	needs-triage
noble	needs-triage
mantic	ignored
lunar	ignored
jammy	needs-triage
focal	dne
bionic	needs-triage
xenial	needs-triage
trusty	ignored

Known Exploits!

Common Weakness Enumeration

CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References

https://gist.github.com/peccc/d8761f6ac45ad55cbd194dd7e6fdfdac

https://github.com/peccc/double-stb

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMXKOKPP4BKTNUTF5KSRDQAWOUILQZNO/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVABVF4GEM6BYD5L4L64RCRSXUHY6LGN/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UVQ7ONFH5GWLMXYEAJG32A3EUKUCEVCR/

https://gist.github.com/peccc/d8761f6ac45ad55cbd194dd7e6fdfdac

https://github.com/peccc/double-stb

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NMXKOKPP4BKTNUTF5KSRDQAWOUILQZNO/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVABVF4GEM6BYD5L4L64RCRSXUHY6LGN/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UVQ7ONFH5GWLMXYEAJG32A3EUKUCEVCR/