Information on source package libstb

Available versions

ReleaseVersion
bullseye0.0~git20200713.b42009b+ds-1
bookworm0.0~git20220908.8b5f1f3+ds-1
trixie0.0~git20241109.5c20573+ds-1
sid0.0~git20241109.5c20573+ds-1

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2025-3409vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability classified as critical has been found in Nothings stb ...
CVE-2025-3408vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in Nothings stb up to f056911. It has been r ...
CVE-2025-3407vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in Nothings stb up to f056911. It has been d ...
CVE-2025-3406vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerableA vulnerability was found in Nothings stb up to f056911. It has been c ...
CVE-2023-47212vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableA heap-based buffer overflow vulnerability exists in the comment funct ...
CVE-2023-45682vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45681vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45680vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45679vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45678vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45677vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45676vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45675vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerablestb_vorbis is a single file MIT licensed library for processing ogg vo ...
CVE-2023-45667vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45666vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45664vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45663vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45662vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-45661vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablestb_image is a single file MIT licensed library for processing images. ...
CVE-2023-43898vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerableNothings stb 2.28 was discovered to contain a Null Pointer Dereference ...
CVE-2022-28042vulnerable (no DSA)vulnerable (no DSA)fixedfixedstb_image.h v2.27 was discovered to contain an heap-based use-after-fr ...
CVE-2022-28041vulnerable (no DSA)vulnerable (no DSA)fixedfixedstb_image.h v2.27 was discovered to contain an integer overflow via th ...
CVE-2021-42716fixedvulnerable (no DSA)fixedfixedAn issue was discovered in stb stb_image.h 2.27. The PNM loader incorr ...
CVE-2021-42715vulnerable (no DSA)vulnerable (no DSA)fixedfixedAn issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR ...
CVE-2021-37789vulnerable (no DSA)fixedfixedfixedstb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, lead ...
CVE-2021-28021vulnerable (no DSA)fixedfixedfixedBuffer overflow vulnerability in function stbi__extend_receive in stb_ ...
CVE-2019-20056vulnerable (no DSA)fixedfixedfixedstb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...
CVE-2019-15058vulnerable (no DSA)fixedfixedfixedstb_image.h (aka the stb image loader) 2.23 has a heap-based buffer ov ...

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
CVE-2022-28048vulnerablevulnerablefixedfixedSTB v2.27 was discovered to contain an integer shift of invalid size i ...
CVE-2022-27938vulnerablevulnerablevulnerablevulnerablestb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ...

Resolved issues

BugDescription
CVE-2019-13223A reachable assertion in the lookup1_values function in stb_vorbis thr ...
CVE-2019-13222An out-of-bounds read of a global buffer in the draw_line function in ...
CVE-2019-13221A stack buffer overflow in the compute_codewords function in stb_vorbi ...
CVE-2019-13220Use of uninitialized stack variables in the start_decoder function in ...
CVE-2019-13219A NULL pointer dereference in the get_window function in stb_vorbis th ...
CVE-2019-13218Division by zero in the predict_point function in stb_vorbis through 2 ...
CVE-2019-13217A heap buffer overflow in the start_decoder function in stb_vorbis thr ...
CVE-2018-1000050Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Ove ...
CVE-2018-16981stb stb_image.h 2.19, as used in catimg, Emscripten, and other product ...

Security announcements

DSA / DLADescription
DLA-3305-1libstb - security update
Search for package or bug name: Reporting problems