Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-10537

Опубликовано: 22 апр. 2018
Источник: redhat
CVSS3: 7.8
EPSS Низкий

Описание

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6wavpackNot affected
Red Hat Enterprise Linux 7wavpackNot affected
Red Hat Enterprise Linux 8wavpackNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1574726wavpack: out of bounds write in ParseWave64HeaderConfig in wave64.c

EPSS

Процентиль: 76%
0.00962
Низкий

7.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-10537

CVSS3: 7.8
ubuntu
почти 8 лет назад

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.

nvd логотип

CVE-2018-10537

CVSS3: 7.8
nvd
почти 8 лет назад

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.

debian логотип

CVE-2018-10537

CVSS3: 7.8
debian
почти 8 лет назад

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser c ...

github логотип

GHSA-h93h-48cq-mpcw

CVSS3: 7.8
github
больше 3 лет назад

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.

suse-cvrf логотип

openSUSE-SU-2021:0154-1

suse-cvrf
около 5 лет назад

Security update for wavpack

EPSS

Процентиль: 76%
0.00962
Низкий

7.8 High

CVSS3