AZL-75354 CVE-2026-24811 affecting package fltk 1.3.5-4

Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inffast.C. This issue affects root...

AZL-77997 CVE-2026-24800 affecting package fltk 1.3.8-1

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in tildearrow furnace extern/zlib modules. This vulnerability is associated with program files inflate.C...

CVE-2023-6992 affecting package fltk for versions less than 1.3.8-1

CVE-2023-6992 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2016-9842 affecting package fltk for versions less than 1.3.8-1

CVE-2016-9842 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2020-14152 affecting package fltk for versions less than 1.3.8-1

CVE-2020-14152 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2017-12652 affecting package fltk for versions less than 1.3.8-1

CVE-2017-12652 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2019-7317 affecting package fltk for versions less than 1.3.8-1

CVE-2019-7317 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2016-9843 affecting package fltk for versions less than 1.3.8-1

CVE-2016-9843 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2015-8126 affecting package fltk for versions less than 1.3.8-1

CVE-2015-8126 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2015-2158 affecting package fltk for versions less than 1.3.8-1

CVE-2015-2158 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2016-9840 affecting package fltk for versions less than 1.3.8-1

CVE-2016-9840 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...

AZL-43957 CVE-2023-6992 affecting package fltk 1.3.5-4

Cloudflare version of zlib library was found to be vulnerable to memory corruption issues affecting the deflation algorithm implementation deflate.c. The issues resulted from improper input validation and heap-based buffer overflow. A local attacker could exploit the problem during compression...

AZL-44991 CVE-2022-37434 affecting package fltk 1.3.8-1

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

AZL-45231 CVE-2018-25032 affecting package fltk 1.3.8-1

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...

AZL-45210 CVE-2019-7317 affecting package fltk for versions less than 1.3.8-1

pngimagefree in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because pngimagefreefunction is called under pngsafeexecute...

AZL-44631 CVE-2016-9842 affecting package fltk for versions less than 1.3.8-1

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers...

AZL-44325 CVE-2016-10087 affecting package fltk for versions less than 1.3.8-1

The pngsettext2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and...

AZL-44394 CVE-2015-8472 affecting package fltk for versions less than 1.3.8-1

Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small...