Stb Vorbis Project Stb Vorbis — known CVE vulnerabilities
Every CVE whose affected-product data names Stb Vorbis Project Stb Vorbis, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2018-1000050 — CVSS 8.8 (high): Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in…
CVE-2019-13217 — CVSS 7.8 (high): A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or…
CVE-2019-13221 — CVSS 7.8 (high): A stack buffer overflow in the compute_codewords function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service…
CVE-2019-13220 — CVSS 7.1 (high): Use of uninitialized stack variables in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of…
CVE-2019-13222 — CVSS 7.1 (high): An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of…
CVE-2019-13218 — CVSS 5.5 (medium): Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening…
CVE-2019-13223 — CVSS 5.5 (medium): A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by…
CVE-2019-13219 — CVSS 5.5 (medium): A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by…