Описание
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libsndfile | fixed | 1.2.2-2 | package | |
| libsndfile | no-dsa | bookworm | package | |
| libsndfile | postponed | bullseye | package |
Примечания
https://github.com/libsndfile/libsndfile/issues/1035
Fixed by: https://github.com/libsndfile/libsndfile/commit/4755f5bd7854611d92ad0f1295587b439f9950ba
EPSS
Процентиль: 8%
0.00034
Низкий
Связанные уязвимости
CVSS3: 5.5
ubuntu
8 месяцев назад
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
CVSS3: 5.5
redhat
8 месяцев назад
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
CVSS3: 5.5
nvd
8 месяцев назад
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
EPSS
Процентиль: 8%
0.00034
Низкий