FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
304d92c3-00c5-11ef-bd52-080027bff743	sdl2_sound -- multiple vulnerabilities GitHub Security Lab reports: stb_image.h and stb_vorbis libraries contain several memory access violations of different severity Wild address read in stbi__gif_load_next (GHSL-2023-145). Multi-byte read heap buffer overflow in stbi__vertical_flip (GHSL-2023-146). Disclosure of uninitialized memory in stbi__tga_load (GHSL-2023-147). Double-free in stbi__load_gif_main_outofmem (GHSL-2023-148). Null pointer dereference in stbi__convert_format (GHSL-2023-149). Possible double-free or memory leak in stbi__load_gif_main (GHSL-2023-150). Null pointer dereference because of an uninitialized variable (GHSL-2023-151). 0 byte write heap buffer overflow in start_decoder (GHSL-2023-165) Multi-byte write heap buffer overflow in start_decoder (GHSL-2023-166) Heap buffer out of bounds write in start_decoder (GHSL-2023-167) Off-by-one heap buffer write in start_decoder (GHSL-2023-168) Attempt to free an uninitialized memory pointer in vorbis_deinit (GHSL-2023-169) Null pointer dereference in vorbis_deinit (GHSL-2023-170) Out of bounds heap buffer write (GHSL-2023-171) Wild address read in vorbis_decode_packet_rest (GHSL-2023-172) Discovery 2023-10-20 Entry 2024-04-22 sdl2_sound < 2.0.2_1 CVE-2023-45676 CVE-2023-45677 CVE-2023-45680 CVE-2023-45681 CVE-2023-45682 https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/

VuXML ID

Description

304d92c3-00c5-11ef-bd52-080027bff743

sdl2_sound -- multiple vulnerabilities

GitHub Security Lab reports:

stb_image.h and stb_vorbis libraries contain several memory access violations of different severity

Wild address read in stbi__gif_load_next (GHSL-2023-145).

Multi-byte read heap buffer overflow in stbi__vertical_flip (GHSL-2023-146).

Disclosure of uninitialized memory in stbi__tga_load (GHSL-2023-147).

Double-free in stbi__load_gif_main_outofmem (GHSL-2023-148).

Null pointer dereference in stbi__convert_format (GHSL-2023-149).

Possible double-free or memory leak in stbi__load_gif_main (GHSL-2023-150).

Null pointer dereference because of an uninitialized variable (GHSL-2023-151).

0 byte write heap buffer overflow in start_decoder (GHSL-2023-165)

Multi-byte write heap buffer overflow in start_decoder (GHSL-2023-166)

Heap buffer out of bounds write in start_decoder (GHSL-2023-167)

Off-by-one heap buffer write in start_decoder (GHSL-2023-168)

Attempt to free an uninitialized memory pointer in vorbis_deinit (GHSL-2023-169)

Null pointer dereference in vorbis_deinit (GHSL-2023-170)

Out of bounds heap buffer write (GHSL-2023-171)

Wild address read in vorbis_decode_packet_rest (GHSL-2023-172)

Discovery 2023-10-20
Entry 2024-04-22
sdl2_sound

< 2.0.2_1

CVE-2023-45676
CVE-2023-45677
CVE-2023-45680
CVE-2023-45681
CVE-2023-45682
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/