rpm package
opensuse/stb&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/stb&distro=openSUSE%20Leap%2015.6
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-13223 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | ||
| CVE-2019-13222 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | ||
| CVE-2019-13221 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. | ||
| CVE-2019-13220 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file. | ||
| CVE-2019-13219 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | ||
| CVE-2019-13218 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. | ||
| CVE-2019-13217 | — | < 20240910-bp156.2.3.1 | 20240910-bp156.2.3.1 | Aug 15, 2019 | A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file. |
- CVE-2019-13223Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
- CVE-2019-13222Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
- CVE-2019-13221Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.
- CVE-2019-13220Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
- CVE-2019-13219Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
- CVE-2019-13218Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file.
- CVE-2019-13217Aug 15, 2019affected < 20240910-bp156.2.3.1fixed 20240910-bp156.2.3.1
A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.