Information on source package libstb

Available versions

ReleaseVersion
buster0.0~git20180212.15.e6afb9c-1
buster (security)0.0~git20180212.15.e6afb9c-1+deb10u1
bullseye0.0~git20200713.b42009b+ds-1
bookworm0.0~git20220908.8b5f1f3+ds-1
trixie0.0~git20230129.5736b15+ds-1
sid0.0~git20230129.5736b15+ds-1.2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-45682vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45681vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45680vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45679vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45678vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45677vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45676vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45675vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45667vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45666vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45664vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45663vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45662vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45661vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-43898vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableNothings stb 2.28 was discovered to contain a Null Pointer Dereference ...
CVE-2022-28042fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedstb_image.h v2.27 was discovered to contain an heap-based use-after-fr ...
CVE-2022-28041fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedstb_image.h v2.27 was discovered to contain an integer overflow via th ...
CVE-2021-42716fixedfixedvulnerable (no DSA)fixedfixedAn issue was discovered in stb stb_image.h 2.27. The PNM loader incorr ...
CVE-2021-42715fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR ...
CVE-2021-37789fixedvulnerable (no DSA)fixedfixedfixedstb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, lead ...
CVE-2021-28021fixedvulnerable (no DSA)fixedfixedfixedBuffer overflow vulnerability in function stbi__extend_receive in stb_ ...
CVE-2019-20056vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedstb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...
CVE-2019-15058vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedstb_image.h (aka the stb image loader) 2.23 has a heap-based buffer ov ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2022-28048vulnerablevulnerablevulnerablefixedfixedSTB v2.27 was discovered to contain an integer shift of invalid size i ...
CVE-2022-27938vulnerablevulnerablevulnerablevulnerablevulnerablestb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ...

Resolved issues

BugDescription
CVE-2019-13223A reachable assertion in the lookup1_values function in stb_vorbis thr ...
CVE-2019-13222An out-of-bounds read of a global buffer in the draw_line function in ...
CVE-2019-13221A stack buffer overflow in the compute_codewords function in stb_vorbi ...
CVE-2019-13220Use of uninitialized stack variables in the start_decoder function in ...
CVE-2019-13219A NULL pointer dereference in the get_window function in stb_vorbis th ...
CVE-2019-13218Division by zero in the predict_point function in stb_vorbis through 2 ...
CVE-2019-13217A heap buffer overflow in the start_decoder function in stb_vorbis thr ...
CVE-2018-1000050Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Ove ...
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...

Security announcements

DSA / DLADescription
DLA-3305-1libstb - security update

Search for package or bug name: Reporting problems