DEBIAN-CVE-2026-5313
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-5313
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-5313.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-5313
- Upstream
- Published
- 2026-04-01T22:16:21.553Z
- Modified
- 2026-04-02T16:00:13.134565Z
- Severity
-
- 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi_gifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- References
Affected packages
Debian:11 / libstb
Package
- Name
- libstb
- Purl
- pkg:deb/debian/libstb?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.0~git20200713.b42009b+ds-1
0.0~git20200713.b42009b+ds-1+deb11u1
0.0~git20210910.af1a5bc+ds-1
0.0~git20220908.8b5f1f3+ds-1~bpo11+1
0.0~git20220908.8b5f1f3+ds-1
0.0~git20230129.5736b15+ds-1
0.0~git20230129.5736b15+ds-1.1~exp1
0.0~git20230129.5736b15+ds-1.1
0.0~git20230129.5736b15+ds-1.2
0.0~git20240715.f7f20f39fe4f+ds-1
0.0~git20241109.5c20573+ds-1
0.0~git20250907.fede005+ds-1
Debian:12 / libstb
Package
- Name
- libstb
- Purl
- pkg:deb/debian/libstb?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / libstb
Package
- Name
- libstb
- Purl
- pkg:deb/debian/libstb?arch=source
Debian:14 / libstb
Package
- Name
- libstb
- Purl
- pkg:deb/debian/libstb?arch=source