CVE-2018-19758

Опубликовано: 30 нояб. 2018

Источник: debian

EPSS Низкий

Описание

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

Пакет	Статус	Версия исправления	Релиз	Тип
libsndfile	fixed	1.0.28-5		package

https://bugzilla.redhat.com/show_bug.cgi?id=1643812
https://github.com/erikd/libsndfile/issues/435
https://github.com/erikd/libsndfile/commit/42132c543358cee9f7c3e9e9b15bb6c1063a608e
when fixing this issue, the fix needs to be made complete to not open CVE-2019-3832

EPSS

Процентиль: 74%

0.00848

Низкий

CVE-2018-19758

CVSS3: 6.5

ubuntu

больше 6 лет назад

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

CVE-2018-19758

CVSS3: 3.3

redhat

почти 7 лет назад

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

CVE-2018-19758

CVSS3: 6.5

nvd

больше 6 лет назад

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

CVE-2018-19758

CVSS3: 6.5

msrc

больше 4 лет назад

Описание отсутствует

GHSA-4jqr-pr36-m28w

CVSS3: 6.5

github

больше 3 лет назад

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

EPSS

Процентиль: 74%

0.00848

Низкий