rpm package
almalinux/libvorbis-devel
pkg:rpm/almalinux/libvorbis-devel
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-10393 | — | < 1:1.3.6-2.el8 | 1:1.3.6-2.el8 | Apr 26, 2018 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | ||
| CVE-2018-10392 | — | < 1:1.3.6-2.el8 | 1:1.3.6-2.el8 | Apr 26, 2018 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. |
- CVE-2018-10393Apr 26, 2018affected < 1:1.3.6-2.el8fixed 1:1.3.6-2.el8
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
- CVE-2018-10392Apr 26, 2018affected < 1:1.3.6-2.el8fixed 1:1.3.6-2.el8
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.