Launchpad.net

CVE 2019-19777

stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.

See the CVE page on Mitre.org for more details.

References