Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
dev-libs
The dev-libs category contains various miscellaneous programming libraries.
Packages
Stabilization
49
Outdated
140
Pull requests
51
Bugs
991
Security
50
Security Bug Reports
dev-libs/libcroco: multiple vulnerabilities (CVE-2017-{8834,8871})
621258 - Assigned to Gentoo Security
dev-libs/crypto++: vulnerable to private key recovery (CVE-2019-14318)
702930 - Assigned to Gentoo Security
dev-libs/cereal: Multiple vulnerabilities (CVE-2020-{11104,11105})
715538 - Assigned to Gentoo Security
<dev-libs/libsass-3.6.4: multiple vulnerabilities (CVE-2019-18798)
742491 - Assigned to Gentoo Security
dev-libs/libtomcrypt: Out of bounds read (CVE-2019-17362)
761412 - Assigned to Gentoo Security
dev-libs/xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs
770763 - Assigned to Gentoo Security
dev-libs/keystone: multiple vulnerabilities (CVE-2020-{36404,36405})
799785 - Assigned to Gentoo Security
<dev-libs/botan-2.18.2: ElGamal plaintext recovery (CVE-2021-40529)
811906 - Assigned to Gentoo Security
<dev-libs/crypto++-8.6.0: ElGamal plaintext recovery (CVE-2021-40530)
811915 - Assigned to Gentoo Security
<dev-libs/tinyxml-2.6.2-r5: infinite loop (CVE-2021-42260)
817863 - Assigned to Gentoo Security
dev-libs/libxls: null pointer dereferences
821517 - Assigned to Gentoo Security
<dev-libs/libbpf-0.7.0: multiple vulnerabilities
830368 - Assigned to Gentoo Security
<dev-libs/uriparser-0.9.6: multiple vulnerabilities
830665 - Assigned to Gentoo Security
dev-libs/stb: reachable assertion in stbi__create_png_image_raw
836241 - Assigned to Gentoo Security
<dev-libs/oniguruma-6.9.8: oss-fuzz issues fixed
841893 - Assigned to Gentoo Security
<dev-libs/icu-71.1-r1: Heap buffer overflow in V8 Internationalization
843731 - Assigned to Gentoo Security
<dev-libs/libpcre2-10.40: multiple vulnerabilities
845195 - Assigned to Gentoo Security
<dev-libs/botan-2.19.3: OCSP response falsification
881529 - Assigned to Gentoo Security
<dev-libs/capnproto-0.10.4: out-of-bounds read
883777 - Assigned to Gentoo Security
<www-apache/mod_security-2.9.7, <dev-libs/modsecurity-3.0.9: multiple vulnerabilities
891777 - Assigned to Gentoo Security
<dev-libs/apr-1.7.2, <dev-libs/apr-util-1.6.3: integer overflow/wraparound in apr_encode (CVE-2022-24963)
893406 - Assigned to Gentoo Security
<dev-libs/libtpms-0.9.6: Out-of-bounds access
898504 - Assigned to Gentoo Security
<dev-libs/confuse-3.3-r2: Heap buffer overflow
901089 - Assigned to Gentoo Security
<dev-libs/log4cxx-1.2.0[odbc]: SQL injection
906115 - Assigned to Gentoo Security
<dev-libs/iniparser-4.1-r1: null pointer dereference
907928 - Assigned to Gentoo Security
<dev-libs/libtommath-1.2.1: Integer overflow
913880 - Assigned to Gentoo Security
dev-libs/zziplib: invalid memory access
918624 - Assigned to Gentoo Security
dev-libs/stb: multiple vulnerabilities
918679 - Assigned to Gentoo Security
dev-libs/crypto++: multiple vulnerabilities
920284 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.13, 3.1.5, 3.2.1}: multiple vulnerabilities
921684 - Assigned to Gentoo Security
dev-libs/modsecurity: WAF bypass
923858 - Assigned to Gentoo Security
<dev-libs/expat-2.6.0 quadratic runtime denial of service
923951 - Assigned to Gentoo Security
<dev-libs/libuv-1.48.0: hostname truncation in getaddrinfo allows attacker-controlled lookup results
924127 - Assigned to Gentoo Security
<dev-libs/nss-{3.90.2,3.98}: TLS RSA decryption timing attack
925027 - Assigned to Gentoo Security
<dev-libs/botan-{2.19.4, 3.3.0}: Denial of service via ECC parameters
925147 - Assigned to Gentoo Security
<dev-libs/expat-2.6.2: vulnerable to billion laughs attacks with isolated use of external parsers
926786 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.13-r1, 3.1.5-r2, 3.2.1-r2}: Unbounded memory growth with session handling in TLSv1.3
930047 - Assigned to Gentoo Security
<dev-libs/uriparser-0.9.8: multiple vulnerabilities
931259 - Assigned to Sebastian Pipping
<dev-libs/glib-2.78.6: Signal subscription vulnerabilities
931507 - Assigned to Gentoo Security
<dev-libs/libxml2-{2.11.8, 2.12.7}: Buffer overread with xmllint --htmlout
931977 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.14, 3.1.6, 3.2.2}: Checking excessively long DSA keys or parameters may be very slow
932317 - Assigned to Gentoo Security
dev-libs/libbson: bson_utf8_validate on some inputs leads to an infinite loop
936109 - Assigned to Gentoo Security
<dev-libs/apr-1.7.5: Unexpected lax shared memory permissions
938542 - Assigned to Gentoo Security
<dev-libs/expat-2.6.3: multiple vulnerabilities
938894 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.15, 3.1.7, 3.2.3, 3.3.2}: denial of service
939110 - Assigned to Gentoo Security
<dev-libs/dotconf-1.4.1: Multiple vulnerabilities
939831 - Assigned to Gentoo Security
<dev-libs/openssl-{3.0.15-r1, 3.1.7-r1, 3.2.3-r1, 3.3.2-r1}: Low-level invalid GF(2^m) parameters lead to OOB memory access
941643 - Assigned to Gentoo Security
<dev-libs/expat-2.6.4 - NULL pointer dereference through function XML_ResumeParser
942969 - Assigned to Gentoo Security
<dev-libs/libxml2-{2.11.9, 2.12.9}: Regression in consumer protection from CVE-2012-0037
943198 - Assigned to Gentoo Security
<dev-libs/opensc-0.26.0: Multiple vulnerabilities
945083 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.
Packages