VYPR

rpm package

opensuse/owntone&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/owntone&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2025-63648Jan 20, 2026
    affected < 29.0-2.1fixed 29.0-2.1

    A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/httpd_dacp.c) of owntone-server commit b7e385f allows attackers to cause a Denial of Service (DoS) via sending a crafted DACP request to the server.

  • CVE-2021-38383Aug 10, 2021
    affected < 28.2-1.2fixed 28.2-1.2

    OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c.