Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
dev-libs
The dev-libs category contains various miscellaneous programming libraries.
Packages
Stabilization
75
Outdated
131
Pull requests
51
Bugs
954
Security
50
Security Bug Reports
dev-libs/libcroco: multiple vulnerabilities (CVE-2017-{8834,8871})
621258 - Assigned to Gentoo Security
dev-libs/crypto++: vulnerable to private key recovery (CVE-2019-14318)
702930 - Assigned to Gentoo Security
dev-libs/cereal: Multiple vulnerabilities (CVE-2020-{11104,11105})
715538 - Assigned to Gentoo Security
<dev-libs/libsass-3.6.4: multiple vulnerabilities (CVE-2019-18798)
742491 - Assigned to Gentoo Security
dev-libs/libtomcrypt: Out of bounds read (CVE-2019-17362)
761412 - Assigned to Gentoo Security
dev-libs/xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs
770763 - Assigned to Gentoo Security
dev-libs/keystone: multiple vulnerabilities (CVE-2020-{36404,36405})
799785 - Assigned to Gentoo Security
<dev-libs/libuv-1.41.1, <net-libs/nodejs-{12.22.2:0/12, 14.17.2:0/14, 16.4.1:0/16): out of bounds read
800986 - Assigned to Gentoo Security
<dev-libs/botan-2.18.2: ElGamal plaintext recovery (CVE-2021-40529)
811906 - Assigned to Gentoo Security
<dev-libs/crypto++-8.6.0: ElGamal plaintext recovery (CVE-2021-40530)
811915 - Assigned to Gentoo Security
<dev-libs/tinyxml-2.6.2-r5: infinite loop (CVE-2021-42260)
817863 - Assigned to Gentoo Security
<dev-libs/stb-20240201: multiple vulnerabilities
818556 - Assigned to Gentoo Security
dev-libs/libxls: null pointer dereferences
821517 - Assigned to Gentoo Security
<dev-libs/libbpf-0.7.0: multiple vulnerabilities
830368 - Assigned to Gentoo Security
<dev-libs/uriparser-0.9.6: multiple vulnerabilities
830665 - Assigned to Gentoo Security
dev-libs/stb: reachable assertion in stbi__create_png_image_raw
836241 - Assigned to Gentoo Security
<dev-libs/oniguruma-6.9.8: oss-fuzz issues fixed
841893 - Assigned to Gentoo Security
<dev-libs/icu-71.1-r1: Heap buffer overflow in V8 Internationalization
843731 - Assigned to Gentoo Security
<dev-libs/libpcre2-10.40: multiple vulnerabilities
845195 - Assigned to Gentoo Security
<dev-libs/mxml-3.3: multiple vulnerabilities
847952 - Assigned to Gentoo Security
<dev-libs/protobuf-c-1.4.1: undefined behaviour (invalid arithmetic shift)
856043 - Assigned to Gentoo Security
<dev-libs/protobuf-{3.19.6,3.20.3} <dev-python/protobuf-python-3.19.6: denial of service via OOM
872434 - Assigned to Gentoo Security
<dev-libs/botan-2.19.3: OCSP response falsification
881529 - Assigned to Gentoo Security
<dev-libs/capnproto-0.10.4: out-of-bounds read
883777 - Assigned to Gentoo Security
<dev-libs/libgit2-1.5.1[ssh]: fails to verify SSH keys by default
891525 - Assigned to Gentoo Security
<www-apache/mod_security-2.9.7, <dev-libs/modsecurity-3.0.9: multiple vulnerabilities
891777 - Assigned to Gentoo Security
<dev-libs/apr-1.7.2, <dev-libs/apr-util-1.6.3: integer overflow/wraparound in apr_encode (CVE-2022-24963)
893406 - Assigned to Gentoo Security
<dev-libs/libtpms-0.9.6: Out-of-bounds access
898504 - Assigned to Gentoo Security
<dev-libs/confuse-3.3-r2: Heap buffer overflow
901089 - Assigned to Gentoo Security
<dev-libs/protobuf-c-1.4.1: unsigned integer overflow
904423 - Assigned to Gentoo Security
<dev-libs/liblouis-3.25.0: Multiple vulnerabilities
905298 - Assigned to Gentoo Security
<dev-libs/log4cxx-1.2.0[odbc]: SQL injection
906115 - Assigned to Gentoo Security
=dev-libs/nettle-3.9: Memory corruption in OCB handling
907673 - Assigned to Gentoo Security
<dev-libs/iniparser-4.1-r1: null pointer dereference
907928 - Assigned to Gentoo Security
<dev-libs/opensc-0.23.0-r1: buffer overread vulnerability
907930 - Assigned to Gentoo Security
<dev-libs/libtommath-1.2.1: Integer overflow
913880 - Assigned to Gentoo Security
<dev-libs/opensc-0.24.0: multiple vulnerabilities
917651 - Assigned to Gentoo Security
<dev-libs/json-c-0.16: stack buffer overflow
918555 - Assigned to Gentoo Security
dev-libs/zziplib: invalid memory access
918624 - Assigned to Gentoo Security
dev-libs/stb: multiple vulnerabilities
918679 - Assigned to Gentoo Security
dev-libs/crypto++: multiple vulnerabilities
920284 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.13, 3.1.5, 3.2.1}: multiple vulnerabilities
921684 - Assigned to Gentoo Security
dev-libs/modsecurity: WAF bypass
923858 - Assigned to Gentoo Security
<dev-libs/expat-2.6.0 quadratic runtime denial of service
923951 - Assigned to Gentoo Security
<dev-libs/libgit2-1.7.2: multiple vulnerabilities
923971 - Assigned to Gentoo Security
<dev-libs/libuv-1.48.0: hostname truncation in getaddrinfo allows attacker-controlled lookup results
924127 - Assigned to Gentoo Security
<dev-libs/nss-{3.90.2,3.98}: TLS RSA decryption timing attack
925027 - Assigned to Gentoo Security
<dev-libs/botan-{2.19.4, 3.3.0}: Denial of service via ECC parameters
925147 - Assigned to Gentoo Security
<dev-libs/expat-2.6.2: vulnerable to billion laughs attacks with isolated use of external parsers
926786 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.13-r1, 3.1.5-r2, 3.2.1-r2}: Unbounded memory growth with session handling in TLSv1.3
930047 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.