Suggestions search

All statuses

Filter by:

With package: raylib

Found 2 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2025-15533

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 3 months ago

raysan5 raylib rtext.c GenImageFontAtlas heap-based overflow

A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. This patch is called 5a3391fdce046bc5473e52afbd835dd2dc127146. Applying a patch is advised to resolve this issue.

References

VDB-341705 | raysan5 raylib rtext.c GenImageFontAtlas heap-based overflow vdb-entrytechnical-description
VDB-341705 | CTI Indicators (IOB, IOC, IOA) signaturepermissions-required
Submit #733341 | raysan5 raylib 909f040 Heap-based Buffer Overflow third-party-advisory
Submit #733342 | raysan5 raylib 909f040 Heap-based Buffer Overflow (Duplicate) third-party-advisory
https://github.com/raysan5/raylib/issues/5433 issue-tracking
https://github.com/raysan5/raylib/pull/5450 issue-tracking
https://github.com/oneafter/1224/blob/main/hbf2 exploit
https://github.com/raysan5/raylib/commit/5a3391fdce046bc5473e52afbd835dd2dc1271… patch

Affected products

raylib

==909f040

Matching in nixpkgs

pkgs.raylib

Simple and easy-to-use library to enjoy videogames programming

nixos-unstable 5.5
- nixpkgs-unstable 5.5
- nixos-unstable-small 5.5
nixos-25.11 5.5
- nixpkgs-25.11-darwin 5.5

pkgs.raylib-games

Collection of games made with raylib

nixos-unstable 2022-10-24
- nixpkgs-unstable 2022-10-24
- nixos-unstable-small 2022-10-24
nixos-25.11 2022-10-24
- nixpkgs-25.11-darwin 2022-10-24

pkgs.ocamlPackages.raylib

OCaml bindings for Raylib (5.0.0)

nixos-25.11 1.4.0
- nixpkgs-25.11-darwin 1.4.0

pkgs.haskellPackages.h-raylib

Raylib bindings for Haskell

nixos-unstable 5.5.2.1
- nixpkgs-unstable 5.5.2.1
- nixos-unstable-small 5.5.2.1
nixos-25.11 5.5.3.1
- nixpkgs-25.11-darwin 5.5.3.1

pkgs.python312Packages.raylib-python-cffi

Python CFFI bindings for Raylib

nixos-unstable 5.5.0.2
- nixpkgs-unstable 5.5.0.2
- nixos-unstable-small 5.5.0.2
nixos-25.11 5.5.0.3
- nixpkgs-25.11-darwin 5.5.0.3

pkgs.python313Packages.raylib-python-cffi

Python CFFI bindings for Raylib

nixos-unstable 5.5.0.2
- nixpkgs-unstable 5.5.0.2
- nixos-unstable-small 5.5.0.2
nixos-25.11 5.5.0.3
- nixpkgs-25.11-darwin 5.5.0.3

Package maintainers

@Sigmanificient Yohann Boniface <sigmanificient@gmail.com>
@Prince213 Sizhe Zhao <prc.zhao@outlook.com>
@wegank Weijia Wang <contact@weijia.wang>
@fricklerhandwerk Valentin Gagarin <valentin@fricklerhandwerk.de>
@ethancedwards8 Ethan Carter Edwards <ethan@ethancedwards.com>
@eljamm Fedi Jamoussi <fedi.jamoussi@protonmail.ch>
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>
@diniamo diniamo <diniamo53@gmail.com>
@ehmry Emery Hemingway <ehmry@posteo.net>
@r17x Rin <hi@rin.rocks>

Untriaged

Permalink CVE-2025-15534

5.3 MEDIUM

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 3 months ago

raysan5 raylib rtext.c LoadFontData integer overflow

A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The identifier of the patch is 5a3391fdce046bc5473e52afbd835dd2dc127146. It is suggested to install a patch to address this issue.