CVE-2022-25514
CVE-2022-25514
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
17 Mar 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →