{"id":"UBUNTU-CVE-2018-16981","details":"stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.","modified":"2026-04-13T10:49:53.028614Z","published":"2018-09-12T23:29:00Z","related":["USN-7913-1"],"upstream":["CVE-2018-16981"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-16981"},{"type":"REPORT","url":"https://github.com/nothings/stb/issues/656"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2018-16981"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7913-1"}],"affected":[{"package":{"name":"libsfml","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libsfml@2.3.2+dfsg-1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.3.2+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsfml-audio2.3v5","binary_version":"2.3.2+dfsg-1"},{"binary_name":"libsfml-dev","binary_version":"2.3.2+dfsg-1"},{"binary_name":"libsfml-graphics2.3v5","binary_version":"2.3.2+dfsg-1"},{"binary_name":"libsfml-network2.3v5","binary_version":"2.3.2+dfsg-1"},{"binary_name":"libsfml-system2.3v5","binary_version":"2.3.2+dfsg-1"},{"binary_name":"libsfml-window2.3v5","binary_version":"2.3.2+dfsg-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsixel","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libsixel@1.5.2-2?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.4.2-1","1.5.2-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libsixel-bin","binary_version":"1.5.2-2"},{"binary_name":"libsixel-dev","binary_version":"1.5.2-2"},{"binary_name":"libsixel1","binary_version":"1.5.2-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"love","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/love@0.9.1-3ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.9.1-3ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"love","binary_version":"0.9.1-3ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"mame","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/mame@0.160-0ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.160-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"mame","binary_version":"0.160-0ubuntu1"},{"binary_name":"mame-tools","binary_version":"0.160-0ubuntu1"},{"binary_name":"mess","binary_version":"0.160-0ubuntu1"},{"binary_name":"mess-data","binary_version":"0.160-0ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zam-plugins","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/zam-plugins@3.6~repack2-3?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.5~repack0-7build1","3.6~repack2-3"],"ecosystem_specific":{"binaries":[{"binary_name":"zam-plugins","binary_version":"3.6~repack2-3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zynaddsubfx","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/zynaddsubfx@2.5.2-2ubuntu1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.5.1-2","2.5.2-2","2.5.2-2ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"zynaddsubfx","binary_version":"2.5.2-2ubuntu1"},{"binary_name":"zynaddsubfx-data","binary_version":"2.5.2-2ubuntu1"},{"binary_name":"zynaddsubfx-dssi","binary_version":"2.5.2-2ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"catimg","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/catimg@2.4.0-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.0-1"],"ecosystem_specific":{"binaries":[{"binary_name":"catimg","binary_version":"2.4.0-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"goxel","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/goxel@0.7.2-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.7.1-2","0.7.2-1"],"ecosystem_specific":{"binaries":[{"binary_name":"goxel","binary_version":"0.7.2-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsfml","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libsfml@2.4.2+dfsg-4?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.4.2+dfsg-4"],"ecosystem_specific":{"binaries":[{"binary_name":"libsfml-audio2.4","binary_version":"2.4.2+dfsg-4"},{"binary_name":"libsfml-dev","binary_version":"2.4.2+dfsg-4"},{"binary_name":"libsfml-graphics2.4","binary_version":"2.4.2+dfsg-4"},{"binary_name":"libsfml-network2.4","binary_version":"2.4.2+dfsg-4"},{"binary_name":"libsfml-system2.4","binary_version":"2.4.2+dfsg-4"},{"binary_name":"libsfml-window2.4","binary_version":"2.4.2+dfsg-4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsixel","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libsixel@1.7.3-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.5.2-2","1.7.3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsixel-bin","binary_version":"1.7.3-1"},{"binary_name":"libsixel-dev","binary_version":"1.7.3-1"},{"binary_name":"libsixel-examples","binary_version":"1.7.3-1"},{"binary_name":"libsixel1","binary_version":"1.7.3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"love","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/love@0.9.1-4ubuntu1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.9.1-4ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"love","binary_version":"0.9.1-4ubuntu1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"mame","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/mame@0.195+dfsg.1-2ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.195+dfsg.1-2ubuntu0.1~esm1"}]}],"versions":["0.188+dfsg.1-0ubuntu2","0.189+dfsg.1-1","0.192+dfsg.1-0ubuntu1","0.195+dfsg.1-2"],"ecosystem_specific":{"binaries":[{"binary_name":"mame","binary_version":"0.195+dfsg.1-2ubuntu0.1~esm1"},{"binary_name":"mame-data","binary_version":"0.195+dfsg.1-2ubuntu0.1~esm1"},{"binary_name":"mame-tools","binary_version":"0.195+dfsg.1-2ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"retroarch","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/retroarch@1.4.1+dfsg1-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.4.1+dfsg1-1"],"ecosystem_specific":{"binaries":[{"binary_name":"retroarch","binary_version":"1.4.1+dfsg1-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zam-plugins","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/zam-plugins@3.9~repack3-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.8~repack2-1","3.9~repack3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"zam-plugins","binary_version":"3.9~repack3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zynaddsubfx","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/zynaddsubfx@3.0.3-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.2-1","3.0.3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"zynaddsubfx","binary_version":"3.0.3-1"},{"binary_name":"zynaddsubfx-data","binary_version":"3.0.3-1"},{"binary_name":"zynaddsubfx-dssi","binary_version":"3.0.3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"catimg","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/catimg@2.5.0-1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.5.0-1"],"ecosystem_specific":{"binaries":[{"binary_name":"catimg","binary_version":"2.5.0-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"ccextractor","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/ccextractor@0.87+ds1-1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.87+ds1-1"],"ecosystem_specific":{"binaries":[{"binary_name":"ccextractor","binary_version":"0.87+ds1-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"goxel","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/goxel@0.8.1-1build1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.8.1-1","0.8.1-1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"goxel","binary_version":"0.8.1-1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsfml","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/libsfml@2.5.1+dfsg-1build1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.5.1+dfsg-1","2.5.1+dfsg-1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsfml-audio2.5","binary_version":"2.5.1+dfsg-1build1"},{"binary_name":"libsfml-dev","binary_version":"2.5.1+dfsg-1build1"},{"binary_name":"libsfml-graphics2.5","binary_version":"2.5.1+dfsg-1build1"},{"binary_name":"libsfml-network2.5","binary_version":"2.5.1+dfsg-1build1"},{"binary_name":"libsfml-system2.5","binary_version":"2.5.1+dfsg-1build1"},{"binary_name":"libsfml-window2.5","binary_version":"2.5.1+dfsg-1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsixel","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/libsixel@1.8.2-2.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.8.2-1","1.8.2-2.1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsixel-bin","binary_version":"1.8.2-2.1"},{"binary_name":"libsixel-dev","binary_version":"1.8.2-2.1"},{"binary_name":"libsixel-examples","binary_version":"1.8.2-2.1"},{"binary_name":"libsixel1","binary_version":"1.8.2-2.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"love","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/love@11.3-1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["11.1-2","11.3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"love","binary_version":"11.3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"mame","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/mame@0.220+dfsg.1-1ubuntu0.1~esm1?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.220+dfsg.1-1ubuntu0.1~esm1"}]}],"versions":["0.206+dfsg.1-1","0.214+dfsg.1-2","0.215+dfsg.1-1","0.217+dfsg.1-1","0.217+dfsg.1-1build1","0.218+dfsg.1-1","0.220+dfsg.1-1"],"ecosystem_specific":{"binaries":[{"binary_name":"mame","binary_version":"0.220+dfsg.1-1ubuntu0.1~esm1"},{"binary_name":"mame-data","binary_version":"0.220+dfsg.1-1ubuntu0.1~esm1"},{"binary_name":"mame-tools","binary_version":"0.220+dfsg.1-1ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"renderdoc","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/renderdoc@1.6+dfsg-1build2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.4+dfsg-1","1.5+dfsg-1","1.5+dfsg-2","1.6+dfsg-1","1.6+dfsg-1build1","1.6+dfsg-1build2"],"ecosystem_specific":{"binaries":[{"binary_name":"renderdoc","binary_version":"1.6+dfsg-1build2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"retroarch","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/retroarch@1.7.3+dfsg1-1.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.7.3+dfsg1-1build1","1.7.3+dfsg1-1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"retroarch","binary_version":"1.7.3+dfsg1-1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"tweeny","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/tweeny@3-2?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3-1","3-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libtweeny-dev","binary_version":"3-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zam-plugins","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/zam-plugins@3.9~repack3-1build1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.9~repack3-1","3.9~repack3-1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"zam-plugins","binary_version":"3.9~repack3-1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zynaddsubfx","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/zynaddsubfx@3.0.5-2build1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.5-2","3.0.5-2build1"],"ecosystem_specific":{"binaries":[{"binary_name":"zynaddsubfx","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-data","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-dssi","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-lv2","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-vst","binary_version":"3.0.5-2build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"catimg","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/catimg@2.7.0-1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.0-1"],"ecosystem_specific":{"binaries":[{"binary_name":"catimg","binary_version":"2.7.0-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"ccextractor","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/ccextractor@0.93+ds2-2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.88+ds1-1","0.93+ds2-1","0.93+ds2-1ubuntu1","0.93+ds2-2"],"ecosystem_specific":{"binaries":[{"binary_name":"ccextractor","binary_version":"0.93+ds2-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"goxel","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/goxel@0.10.8-1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.10.6-3","0.10.8-1"],"ecosystem_specific":{"binaries":[{"binary_name":"goxel","binary_version":"0.10.8-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsfml","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/libsfml@2.5.1+dfsg-2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.5.1+dfsg-1build1","2.5.1+dfsg-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libsfml-audio2.5","binary_version":"2.5.1+dfsg-2"},{"binary_name":"libsfml-dev","binary_version":"2.5.1+dfsg-2"},{"binary_name":"libsfml-graphics2.5","binary_version":"2.5.1+dfsg-2"},{"binary_name":"libsfml-network2.5","binary_version":"2.5.1+dfsg-2"},{"binary_name":"libsfml-system2.5","binary_version":"2.5.1+dfsg-2"},{"binary_name":"libsfml-window2.5","binary_version":"2.5.1+dfsg-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsixel","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/libsixel@1.10.3-3?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.8.6-2","1.10.3-2","1.10.3-3"],"ecosystem_specific":{"binaries":[{"binary_name":"libsixel-bin","binary_version":"1.10.3-3"},{"binary_name":"libsixel-dev","binary_version":"1.10.3-3"},{"binary_name":"libsixel-examples","binary_version":"1.10.3-3"},{"binary_name":"libsixel1","binary_version":"1.10.3-3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"love","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/love@11.3-1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["11.3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"love","binary_version":"11.3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"renderdoc","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/renderdoc@1.18+dfsg-1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.11+dfsg-5","1.15+dfsg-1","1.16+dfsg-1","1.16+dfsg-1build1","1.18+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_name":"librenderdoc","binary_version":"1.18+dfsg-1"},{"binary_name":"librenderdoc-dev","binary_version":"1.18+dfsg-1"},{"binary_name":"python3-renderdoc","binary_version":"1.18+dfsg-1"},{"binary_name":"qrenderdoc","binary_version":"1.18+dfsg-1"},{"binary_name":"renderdoc","binary_version":"1.18+dfsg-1"},{"binary_name":"renderdoccmd","binary_version":"1.18+dfsg-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"retroarch","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/retroarch@1.7.3+dfsg1-1.1build1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.7.3+dfsg1-1.1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"retroarch","binary_version":"1.7.3+dfsg1-1.1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"tweeny","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/tweeny@3-2?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libtweeny-dev","binary_version":"3-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zam-plugins","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/zam-plugins@3.14~repack3-1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.14~repack3-1"],"ecosystem_specific":{"binaries":[{"binary_name":"zam-plugins","binary_version":"3.14~repack3-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zynaddsubfx","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/zynaddsubfx@3.0.5-2build1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.5-2build1"],"ecosystem_specific":{"binaries":[{"binary_name":"zynaddsubfx","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-data","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-dssi","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-lv2","binary_version":"3.0.5-2build1"},{"binary_name":"zynaddsubfx-vst","binary_version":"3.0.5-2build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"mame","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/mame@0.242+dfsg.1-1ubuntu0.1~esm1?arch=source&distro=esm-apps/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.242+dfsg.1-1ubuntu0.1~esm1"}]}],"versions":["0.235+dfsg.1-1ubuntu1","0.237+dfsg.1-1","0.238+dfsg.1-1","0.239+dfsg.1-1","0.240+dfsg.1-1","0.242+dfsg.1-1"],"ecosystem_specific":{"binaries":[{"binary_name":"mame","binary_version":"0.242+dfsg.1-1ubuntu0.1~esm1"},{"binary_name":"mame-data","binary_version":"0.242+dfsg.1-1ubuntu0.1~esm1"},{"binary_name":"mame-tools","binary_version":"0.242+dfsg.1-1ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"catimg","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/catimg@2.7.0-2?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.0-2"],"ecosystem_specific":{"binaries":[{"binary_name":"catimg","binary_version":"2.7.0-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"ccextractor","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/ccextractor@0.94+ds1-3build3?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.94+ds1-3","0.94+ds1-3build2","0.94+ds1-3build3"],"ecosystem_specific":{"binaries":[{"binary_name":"ccextractor","binary_version":"0.94+ds1-3build3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"goxel","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/goxel@0.11.0-1.1build3?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.11.0-1.1","0.11.0-1.1build2","0.11.0-1.1build3"],"ecosystem_specific":{"binaries":[{"binary_name":"goxel","binary_version":"0.11.0-1.1build3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsfml","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/libsfml@2.6.1+dfsg-2build2?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.5.1+dfsg-2build1","2.6.1+dfsg-2","2.6.1+dfsg-2build1","2.6.1+dfsg-2build2"],"ecosystem_specific":{"binaries":[{"binary_name":"libsfml-audio2.6","binary_version":"2.6.1+dfsg-2build2"},{"binary_name":"libsfml-dev","binary_version":"2.6.1+dfsg-2build2"},{"binary_name":"libsfml-graphics2.6","binary_version":"2.6.1+dfsg-2build2"},{"binary_name":"libsfml-network2.6","binary_version":"2.6.1+dfsg-2build2"},{"binary_name":"libsfml-system2.6","binary_version":"2.6.1+dfsg-2build2"},{"binary_name":"libsfml-window2.6","binary_version":"2.6.1+dfsg-2build2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsixel","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/libsixel@1.10.3-3build1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.10.3-3","1.10.3-3build1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsixel-bin","binary_version":"1.10.3-3build1"},{"binary_name":"libsixel-dev","binary_version":"1.10.3-3build1"},{"binary_name":"libsixel-examples","binary_version":"1.10.3-3build1"},{"binary_name":"libsixel1","binary_version":"1.10.3-3build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"love","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/love@11.5-1build1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["11.4-1","11.5-1","11.5-1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"love","binary_version":"11.5-1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"tweeny","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/tweeny@3-2?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libtweeny-dev","binary_version":"3-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zam-plugins","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/zam-plugins@4.2+ds-1build1?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.1+ds-2","4.1+ds-3","4.2+ds-1","4.2+ds-1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"zam-plugins","binary_version":"4.2+ds-1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zynaddsubfx","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/zynaddsubfx@3.0.6-6build3?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.6-6","3.0.6-6build1","3.0.6-6build2","3.0.6-6build3"],"ecosystem_specific":{"binaries":[{"binary_name":"zynaddsubfx","binary_version":"3.0.6-6build3"},{"binary_name":"zynaddsubfx-data","binary_version":"3.0.6-6build3"},{"binary_name":"zynaddsubfx-dssi","binary_version":"3.0.6-6build3"},{"binary_name":"zynaddsubfx-lv2","binary_version":"3.0.6-6build3"},{"binary_name":"zynaddsubfx-vst","binary_version":"3.0.6-6build3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"mame","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/mame@0.264+dfsg.1-1ubuntu0.1~esm1?arch=source&distro=esm-apps/noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.264+dfsg.1-1ubuntu0.1~esm1"}]}],"versions":["0.257+dfsg.1-1","0.258+dfsg.1-1build1","0.261+dfsg.1-1","0.261+dfsg.1-1build2","0.261+dfsg.1-1build3","0.264+dfsg.1-1"],"ecosystem_specific":{"binaries":[{"binary_name":"mame","binary_version":"0.264+dfsg.1-1ubuntu0.1~esm1"},{"binary_name":"mame-data","binary_version":"0.264+dfsg.1-1ubuntu0.1~esm1"},{"binary_name":"mame-tools","binary_version":"0.264+dfsg.1-1ubuntu0.1~esm1"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"retroarch","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/retroarch@1.18.0+dfsg-1ubuntu0.1~esm1?arch=source&distro=esm-apps/noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.14.0+dfsg-1build1","1.15.0+dfsg-1","1.16.0.3+dfsg-1","1.18.0+dfsg-1","1.18.0+dfsg-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"retroarch","binary_version":"1.18.0+dfsg-1ubuntu0.1~esm1"},{"binary_name":"retroarch-dev","binary_version":"1.18.0+dfsg-1ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"catimg","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/catimg@2.7.0-4?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.7.0-2","2.7.0-4"],"ecosystem_specific":{"binaries":[{"binary_name":"catimg","binary_version":"2.7.0-4"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"goxel","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/goxel@0.11.0-1.1build3?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.11.0-1.1build3"],"ecosystem_specific":{"binaries":[{"binary_name":"goxel","binary_version":"0.11.0-1.1build3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsfml","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/libsfml@2.6.2+dfsg-2build1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.6.2+dfsg-2build1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsfml-audio2.6","binary_version":"2.6.2+dfsg-2build1"},{"binary_name":"libsfml-dev","binary_version":"2.6.2+dfsg-2build1"},{"binary_name":"libsfml-graphics2.6","binary_version":"2.6.2+dfsg-2build1"},{"binary_name":"libsfml-network2.6","binary_version":"2.6.2+dfsg-2build1"},{"binary_name":"libsfml-system2.6","binary_version":"2.6.2+dfsg-2build1"},{"binary_name":"libsfml-window2.6","binary_version":"2.6.2+dfsg-2build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"libsixel","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/libsixel@1.10.5-1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.10.5-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libsixel-bin","binary_version":"1.10.5-1"},{"binary_name":"libsixel-dev","binary_version":"1.10.5-1"},{"binary_name":"libsixel-examples","binary_version":"1.10.5-1"},{"binary_name":"libsixel1","binary_version":"1.10.5-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"love","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/love@11.5-2?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["11.5-2"],"ecosystem_specific":{"binaries":[{"binary_name":"love","binary_version":"11.5-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"mame","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/mame@0.277+dfsg.1-4ubuntu0.1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.277+dfsg.1-4ubuntu0.1"}]}],"versions":["0.275+dfsg.1-3","0.277+dfsg.1-4"],"ecosystem_specific":{"binaries":[{"binary_name":"mame","binary_version":"0.277+dfsg.1-4ubuntu0.1"},{"binary_name":"mame-data","binary_version":"0.277+dfsg.1-4ubuntu0.1"},{"binary_name":"mame-tools","binary_version":"0.277+dfsg.1-4ubuntu0.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"retroarch","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/retroarch@1.20.0+dfsg-3ubuntu0.1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.20.0+dfsg-2build1","1.20.0+dfsg-2build2","1.20.0+dfsg-3","1.20.0+dfsg-3ubuntu0.1"],"ecosystem_specific":{"binaries":[{"binary_name":"retroarch","binary_version":"1.20.0+dfsg-3ubuntu0.1"},{"binary_name":"retroarch-dev","binary_version":"1.20.0+dfsg-3ubuntu0.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"tweeny","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/tweeny@3-2?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libtweeny-dev","binary_version":"3-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zam-plugins","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/zam-plugins@4.2+ds-1build1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["4.2+ds-1build1"],"ecosystem_specific":{"binaries":[{"binary_name":"zam-plugins","binary_version":"4.2+ds-1build1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}},{"package":{"name":"zynaddsubfx","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/zynaddsubfx@3.0.6-7?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["3.0.6-6build3","3.0.6-7"],"ecosystem_specific":{"binaries":[{"binary_name":"zynaddsubfx","binary_version":"3.0.6-7"},{"binary_name":"zynaddsubfx-data","binary_version":"3.0.6-7"},{"binary_name":"zynaddsubfx-dssi","binary_version":"3.0.6-7"},{"binary_name":"zynaddsubfx-lv2","binary_version":"3.0.6-7"},{"binary_name":"zynaddsubfx-vst","binary_version":"3.0.6-7"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-16981.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}