| Bug | buster | bullseye | bookworm | sid | Description |
|---|
| CVE-2022-28042 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | stb_image.h v2.27 was discovered to contain an heap-based use-after-fr ... |
| CVE-2022-28041 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | stb_image.h v2.27 was discovered to contain an integer overflow via th ... |
| CVE-2021-42716 | fixed | fixed | vulnerable (no DSA) | vulnerable | An issue was discovered in stb stb_image.h 2.27. The PNM loader incorr ... |
| CVE-2021-42715 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR ... |
| CVE-2021-37789 | fixed | vulnerable (no DSA) | fixed | fixed | stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, lead ... |
| CVE-2021-28021 | fixed | vulnerable (no DSA) | fixed | fixed | Buffer overflow vulnerability in function stbi__extend_receive in stb_ ... |
| CVE-2019-20056 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | stb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ... |
| CVE-2019-15058 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer ov ... |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|
| CVE-2022-28048 | vulnerable | vulnerable | vulnerable | vulnerable | STB v2.27 was discovered to contain an integer shift of invalid size i ... |
| CVE-2022-27938 | vulnerable | vulnerable | vulnerable | vulnerable | stb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ... |
| CVE-2022-25516 | vulnerable | vulnerable | vulnerable | vulnerable | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ... |
| CVE-2022-25515 | vulnerable | vulnerable | vulnerable | vulnerable | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ... |
| CVE-2022-25514 | vulnerable | vulnerable | vulnerable | vulnerable | stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow ... |
| CVE-2020-6623 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff ... |
| CVE-2020-6622 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ... |
| CVE-2020-6621 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in t ... |
| CVE-2020-6620 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ... |
| CVE-2020-6619 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf ... |
| CVE-2020-6618 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ... |
| CVE-2020-6617 | vulnerable | vulnerable | vulnerable | vulnerable | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff ... |
| Bug | Description |
|---|
| CVE-2019-13223 | A reachable assertion in the lookup1_values function in stb_vorbis thr ... |
| CVE-2019-13222 | An out-of-bounds read of a global buffer in the draw_line function in ... |
| CVE-2019-13221 | A stack buffer overflow in the compute_codewords function in stb_vorbi ... |
| CVE-2019-13220 | Use of uninitialized stack variables in the start_decoder function in ... |
| CVE-2019-13219 | A NULL pointer dereference in the get_window function in stb_vorbis th ... |
| CVE-2019-13218 | Division by zero in the predict_point function in stb_vorbis through 2 ... |
| CVE-2019-13217 | A heap buffer overflow in the start_decoder function in stb_vorbis thr ... |
| CVE-2018-1000050 | Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Ove ... |
| CVE-2018-16981 | stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ... |