Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2023-43281

Double Free

Published: Oct 25, 2023 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-43281
CWEhttps://cwe.mitre.org/data/definitions/415.html

Double Free vulnerability in Nothings Stb Image.h v.2.28 allows a remote attacker to cause a denial of service via a crafted file to the stbi_load_gif_main function.

Weakness

The product calls free() twice on the same memory address.

Affected Software

Name Vendor Start Version End Version
Stb_image.h Nothings 2.28 (including) 2.28 (including)
Arm-compute-library Ubuntu bionic *
Arm-compute-library Ubuntu lunar *
Arm-compute-library Ubuntu mantic *
Arm-compute-library Ubuntu oracular *
Arm-compute-library Ubuntu trusty *
Arm-compute-library Ubuntu xenial *
Armnn Ubuntu bionic *
Armnn Ubuntu lunar *
Armnn Ubuntu mantic *
Armnn Ubuntu oracular *
Armnn Ubuntu trusty *
Armnn Ubuntu xenial *
Bibledit Ubuntu bionic *
Bibledit Ubuntu focal *
Bibledit Ubuntu lunar *
Bibledit Ubuntu mantic *
Bibledit Ubuntu oracular *
Bibledit Ubuntu trusty *
Bibledit Ubuntu xenial *
Bibledit-cloud Ubuntu bionic *
Bibledit-cloud Ubuntu focal *
Bibledit-cloud Ubuntu lunar *
Bibledit-cloud Ubuntu mantic *
Bibledit-cloud Ubuntu oracular *
Bibledit-cloud Ubuntu trusty *
Bibledit-cloud Ubuntu xenial *
Emscripten Ubuntu bionic *
Emscripten Ubuntu lunar *
Emscripten Ubuntu mantic *
Emscripten Ubuntu oracular *
Emscripten Ubuntu trusty *
Emscripten Ubuntu xenial *
Goxel Ubuntu bionic *
Goxel Ubuntu focal *
Goxel Ubuntu lunar *
Goxel Ubuntu mantic *
Goxel Ubuntu oracular *
Goxel Ubuntu trusty *
Goxel Ubuntu xenial *
Libsfml Ubuntu bionic *
Libsfml Ubuntu focal *
Libsfml Ubuntu lunar *
Libsfml Ubuntu mantic *
Libsfml Ubuntu oracular *
Libsfml Ubuntu trusty *
Libsfml Ubuntu xenial *
Libstb Ubuntu bionic *
Libstb Ubuntu focal *
Libstb Ubuntu lunar *
Libstb Ubuntu mantic *
Libstb Ubuntu oracular *
Libstb Ubuntu trusty *
Libstb Ubuntu xenial *
Love Ubuntu bionic *
Love Ubuntu focal *
Love Ubuntu lunar *
Love Ubuntu mantic *
Love Ubuntu oracular *
Love Ubuntu trusty *
Love Ubuntu xenial *
Mame Ubuntu bionic *
Mame Ubuntu focal *
Mame Ubuntu lunar *
Mame Ubuntu mantic *
Mame Ubuntu oracular *
Mame Ubuntu trusty *
Mame Ubuntu xenial *
Timg Ubuntu bionic *
Timg Ubuntu lunar *
Timg Ubuntu mantic *
Timg Ubuntu oracular *
Timg Ubuntu trusty *
Timg Ubuntu xenial *
Tiny-dnn Ubuntu bionic *
Tiny-dnn Ubuntu lunar *
Tiny-dnn Ubuntu mantic *
Tiny-dnn Ubuntu oracular *
Tiny-dnn Ubuntu trusty *
Tiny-dnn Ubuntu xenial *
Utox Ubuntu bionic *
Utox Ubuntu focal *
Utox Ubuntu lunar *
Utox Ubuntu mantic *
Utox Ubuntu oracular *
Utox Ubuntu trusty *
Utox Ubuntu xenial *
Visp Ubuntu bionic *
Visp Ubuntu lunar *
Visp Ubuntu mantic *
Visp Ubuntu oracular *
Visp Ubuntu trusty *
Visp Ubuntu xenial *

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use