CVE-2024-50613

Опубликовано: 27 окт. 2024

Источник: debian

EPSS Низкий

Описание

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

Пакет	Статус	Релиз	Тип
libsndfile	unfixed		package
libsndfile	postponed	trixie	package
libsndfile	postponed	bookworm	package
libsndfile	ignored	bullseye	package

https://github.com/libsndfile/libsndfile/issues/1034
Issue reachable after enabling mp3 encoder (by linking against lame). Only done
in the packaging since debian/1.1.0-1 (starting in bookworm) with
https://salsa.debian.org/multimedia-team/libsndfile/-/commit/ef6944427e1e4b39f634bfb3af2ddc6071810aaa

EPSS

Процентиль: 6%

0.00025

Низкий

CVE-2024-50613

CVSS3: 6.5

ubuntu

около 1 года назад

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

CVE-2024-50613

CVSS3: 6.5

redhat

около 1 года назад

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

CVE-2024-50613

CVSS3: 6.5

nvd

около 1 года назад

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

CVE-2024-50613

msrc

4 месяца назад

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

GHSA-425f-273g-699h

CVSS3: 6.5

github

около 1 года назад

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

EPSS

Процентиль: 6%

0.00025

Низкий