PT-2026-29674

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.22 Description A security flaw exists in Nothings stb, specifically within the start decoder function of the stb vorbis.c file. This flaw results in an out-of-bounds write, and can be exploited remotely. The explo...

UBUNTU-CVE-2023-45679

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, but some of the pointers in f-commentlist are left initialized and later setupfree is called on these...

PT-2023-29648 · Unknown +2 · Stb Vorbis +2

Name of the Vulnerable Software and Affected Versions: stb vorbis affected versions not specified Description: The issue concerns a crafted file that may trigger an out of bounds read in the DECODE macro when the var is negative. According to the definition of DECODE RAW, a negative var is a vali...

SUSE CVE-2019-13222

An out-of-bounds read of a global buffer in the drawline function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file...

PT-2019-13190 · Stb · Stb Vorbis

Name of the Vulnerable Software and Affected Versions: stb vorbis versions through 2019-03-04 Description: A reachable assertion in the lookup1 values function allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. Recommendations: For versions through 2019-03-04,...