CVE-2017-14634

Опубликовано: 21 сент. 2017

Источник: debian

EPSS Низкий

Описание

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libsndfile	fixed	1.0.28-5		package
libsndfile	no-dsa		wheezy	package

Примечания

https://github.com/erikd/libsndfile/issues/318
Fixed by: https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788

EPSS

Процентиль: 78%

0.01154

Низкий

Связанные уязвимости

CVE-2017-14634

CVSS3: 6.5

ubuntu

почти 8 лет назад

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

CVE-2017-14634

CVSS3: 3.3

redhat

почти 8 лет назад

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

CVE-2017-14634

CVSS3: 6.5

nvd

почти 8 лет назад

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

CVE-2017-14634

CVSS3: 6.5

msrc

больше 4 лет назад

Описание отсутствует

GHSA-wqmq-9gvf-cgxr

CVSS3: 6.5

github

около 3 лет назад

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

EPSS

Процентиль: 78%

0.01154

Низкий