CVE-2019-13217

Опубликовано: 15 авг. 2019

Источник: debian

EPSS Низкий

Описание

A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libstb	fixed	0.0~git20190817.1.052dce1-1		package

Примечания

https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
Potentially affects liblivemedia, retroarch, godot, yquake2, pax-britannica, libxmp, faudio

EPSS

Процентиль: 49%

0.00256

Низкий

Связанные уязвимости

CVE-2019-13217

CVSS3: 7.8

ubuntu

больше 6 лет назад

A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.

CVE-2019-13217

CVSS3: 7.8

nvd

больше 6 лет назад

A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.

GHSA-mx8v-jv43-26h4

CVSS3: 7.8

github

больше 3 лет назад

A heap buffer overflow in the start_decoder function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or execute arbitrary code by opening a crafted Ogg Vorbis file.

openSUSE-SU-2025:0039-1

suse-cvrf

около 1 года назад

Security update for stb

EPSS

Процентиль: 49%

0.00256

Низкий