Nothings Stb Vorbis C
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Nothings Stb Vorbis C.
By the Year
In 2026 there have been 0 vulnerabilities in Nothings Stb Vorbis C. Stb Vorbis C did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 8 | 7.43 |
It may take a day or so for new Stb Vorbis C vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Nothings Stb Vorbis C Security Vulnerabilities
CVE-2023-45682: stb_vorbis OGG decode out-of-bounds read leaks memory
CVE-2023-45682
7.1 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds read in `DECODE` macro when `var` is negative. As it can be seen in the definition of `DECODE_RAW` a negative `var` is a valid value. This issue may be used to leak internal memory allocation information.
Out-of-bounds Read
Integer Overflows in stb_vorbis: Heap Buffer Overflow in start_decoder
CVE-2023-45681
7.8 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution.
Integer Overflow or Wraparound
stb_vorbis DoS via NULL Dereference in Decoder
CVE-2023-45680
5.5 - Medium
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, the `f->comment_list` is set to `NULL`, but `f->comment_list_length` is not reset. Later in `vorbis_deinit` it tries to dereference the `NULL` pointer. This issue may lead to denial of service.
NULL Pointer Dereference
stb_vorbis Memory Allocation Failure in start_decoder Enables Code Execution
CVE-2023-45679
7.8 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, but some of the pointers in `f->comment_list` are left initialized and later `setup_free` is called on these pointers in `vorbis_deinit`. This issue may lead to code execution.
Double-free
stb_vorbis Ogg Vorbis Buffer Overflow in start_decoder
CVE-2023-45678
7.8 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in `start_decoder` because at maximum `m->submaps` can be 16 but `submap_floor` and `submap_residue` are declared as arrays of 15 elements. This issue may lead to code execution.
Memory Corruption
stb_vorbis: OOB write via negative len in vendor field -- code exec
CVE-2023-45677
7.8 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if `len` read in `start_decoder` is a negative number and `setup_malloc` successfully allocates memory in that case, but memory write is done with a negative index `len`. Similarly if len is INT_MAX the integer overflow len+1 happens in `f->vendor = (char*)setup_malloc(f, sizeof(char) * (len+1));` and `f->comment_list[i] = (char*)setup_malloc(f, sizeof(char) * (len+1));`. This issue may lead to code execution.
Memory Corruption
stb_vorbis Ogg Vorbis lib: OOB write via setup_malloc overflow
CVE-2023-45676
7.8 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[i] = get8_packet(f);`. The root cause is an integer overflow in `setup_malloc`. A sufficiently large value in the variable `sz` overflows with `sz+7` in and the negative value passes the maximum available memory buffer check. This issue may lead to code execution.
Memory Corruption
OOB Write in stb_vorbis setup_malloc May Allow Code Exec
CVE-2023-45675
7.8 - High
- October 21, 2023
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if the len read in `start_decoder` is `-1` and `len + 1` becomes 0 when passed to `setup_malloc`. The `setup_malloc` behaves differently when `f->alloc.alloc_buffer` is pre-allocated. Instead of returning `NULL` as in `malloc` case it shifts the pre-allocated buffer by zero and returns the currently available memory block. This issue may lead to code execution.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Nothings Stb Vorbis C or by Nothings? Click the Watch button to subscribe.
