exploitDog

GHSA-99w4-659f-342w

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file.

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file.

Ссылки

EPSS

Процентиль: 62%

0.00433

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-129

Связанные уязвимости

CVE-2020-20412

CVSS3: 6.5

nvd

около 5 лет назад

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.

EPSS

Процентиль: 62%

0.00433

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-129