grib

Opam page: https://opam.ocaml.org/packages/grib/

Versions

Version
grib.0.9.7 (latest)
grib.0.11.0

Vulnerable external dependencies (506)

Product	For package	Vendor	Severity	CVE	Published
libpng-dev	grib.0.11.0	pnggroup	Medium	CVE-2026-22801 - LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*	1/12/2026
libpng-dev	grib.0.9.7	pnggroup	Medium	CVE-2026-22801 - LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*	1/12/2026
libpng-dev	grib.0.9.7	pnggroup	Medium	CVE-2026-22695 - LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix)	1/12/2026
libpng-dev	grib.0.11.0	pnggroup	Medium	CVE-2026-22695 - LIBPNG has a heap buffer over-read in png_image_read_direct_scaled (regression from CVE-2025-65018 fix)	1/12/2026
libjasper-dev	grib.0.9.7	n/a	Low	CVE-2025-8837 - JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free	8/11/2025
libjasper-dev	grib.0.11.0	n/a	Low	CVE-2025-8837 - JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free	8/11/2025
libjasper-dev	grib.0.11.0	n/a	Low	CVE-2025-8836 - JasPer JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion	8/11/2025
libjasper-dev	grib.0.9.7	n/a	Low	CVE-2025-8836 - JasPer JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion	8/11/2025
libjasper-dev	grib.0.9.7	n/a	Low	CVE-2025-8835 - JasPer Image Color Space Conversion jas_image.c jas_image_chclrspc null pointer dereference	8/11/2025
libjasper-dev	grib.0.11.0	n/a	Low	CVE-2025-8835 - JasPer Image Color Space Conversion jas_image.c jas_image_chclrspc null pointer dereference	8/11/2025
libpng-dev	grib.0.9.7	pnggroup	High	CVE-2025-66293 - LIBPNG has an out-of-bounds read in png_image_read_composite	12/3/2025
libpng-dev	grib.0.11.0	pnggroup	High	CVE-2025-66293 - LIBPNG has an out-of-bounds read in png_image_read_composite	12/3/2025
libpng-dev	grib.0.11.0	pnggroup	High	CVE-2025-65018 - LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`	11/24/2025
libpng-dev	grib.0.9.7	pnggroup	High	CVE-2025-65018 - LIBPNG is vulnerable to a heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`	11/24/2025
libpng-dev	grib.0.11.0	pnggroup	High	CVE-2025-64720 - LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication	11/24/2025
libpng-dev	grib.0.9.7	pnggroup	High	CVE-2025-64720 - LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication	11/24/2025
libpng-dev	grib.0.9.7	pnggroup	Medium	CVE-2025-64506 - LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images	11/24/2025
libpng-dev	grib.0.11.0	pnggroup	Medium	CVE-2025-64506 - LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images	11/24/2025
libpng-dev	grib.0.9.7	pnggroup	Medium	CVE-2025-64505 - LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index	11/24/2025
libpng-dev	grib.0.11.0	pnggroup	Medium	CVE-2025-64505 - LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index	11/24/2025

grib Subscribe

Versions

Vulnerable external dependencies (506)

grib