exploitDog

GHSA-947x-m4f9-3h48

Опубликовано: 20 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server.

A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server.

Ссылки

EPSS

Процентиль: 14%

0.00046

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-476

Связанные уязвимости

CVE-2025-63648

CVSS3: 7.5

nvd

18 дней назад

A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server.

EPSS

Процентиль: 14%

0.00046

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-476