rpm package
almalinux/libvorbis-devel
pkg:rpm/almalinux/libvorbis-devel
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-10393 | Hig | 7.5 | < 1:1.3.6-2.el8 | 1:1.3.6-2.el8 | Apr 26, 2018 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | |
| CVE-2018-10392 | Hig | 8.8 | < 1:1.3.6-2.el8 | 1:1.3.6-2.el8 | Apr 26, 2018 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. |
- affected < 1:1.3.6-2.el8fixed 1:1.3.6-2.el8
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
- affected < 1:1.3.6-2.el8fixed 1:1.3.6-2.el8
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.