Nixpkgs Security Tracker

Published

Permalink CVE-2025-15533

updated 1 month ago by @mweinelt Activity log

Created automatic suggestion 1 month ago
@mweinelt removed
5 packages
- raylib-games
- ocamlPackages.raylib
- haskellPackages.h-raylib
- python312Packages.raylib-python-cffi
- python313Packages.raylib-python-cffi
1 month ago
@mweinelt removed maintainer @Sigmanificient 1 month ago
@mweinelt added maintainer @ehmry 1 month ago
@mweinelt removed maintainer @ehmry 1 month ago
@mweinelt accepted 1 month ago
@mweinelt published on GitHub 1 month ago

raysan5 raylib rtext.c GenImageFontAtlas heap-based overflow

A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. This patch is called 5a3391fdce046bc5473e52afbd835dd2dc127146. Applying a patch is advised to resolve this issue.

Affected products

raylib

==909f040

Matching in nixpkgs

pkgs.raylib

Simple and easy-to-use library to enjoy videogames programming

nixos-unstable 5.5
- nixpkgs-unstable 5.5
- nixos-unstable-small 5.5

Package maintainers

@diniamo diniamo <diniamo53@gmail.com>

Untriaged

(browse all)

Permalink CVE-2025-15534

created 1 month ago

raysan5 raylib rtext.c LoadFontData integer overflow

A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The identifier of the patch is 5a3391fdce046bc5473e52afbd835dd2dc127146. It is suggested to install a patch to address this issue.