CVE-2023-47466

Опубликовано: 22 мая 2025

Источник: redhat

CVSS3: 2.5

EPSS Низкий

Описание

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

A flaw was found in TagLib, a library for reading and editing the metadata of several popular audio formats. TagLib before version 2.0 is subject to a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	taglib	Fix deferred
Red Hat Enterprise Linux 6	taglib	Fix deferred
Red Hat Enterprise Linux 7	taglib	Fix deferred
Red Hat Enterprise Linux 8	taglib	Fix deferred
Red Hat Enterprise Linux 9	taglib	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=2368007taglib: TagLib segmentation violation

EPSS

Процентиль: 1%

0.00008

Низкий

2.5 Low

CVSS3

Связанные уязвимости

CVE-2023-47466

CVSS3: 2.9

ubuntu

9 месяцев назад

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

CVE-2023-47466

CVSS3: 2.9

nvd

9 месяцев назад

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

CVE-2023-47466

CVSS3: 2.9

debian

9 месяцев назад

TagLib before 2.0 allows a segmentation violation and application cras ...

SUSE-SU-2025:4501-1

suse-cvrf

около 2 месяцев назад

Security update for taglib

GHSA-63jr-j347-v237

CVSS3: 2.9

github

9 месяцев назад

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

EPSS

Процентиль: 1%

0.00008

Низкий

2.5 Low

CVSS3