In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in ssgLoadTGA() function in src/ssg/ssgLoadTGA.cxx file.
According to URL:
"PLIB has been obsolete and unmaintained for at LEAST 15 years!!
Good catch...but it's not ever getting fixed."
Quite problematic given it seems to have a few revdeps in Gentoo.