VYPR

rpm package

suse/audiofile&distro=SUSE Linux Enterprise Module for Desktop Applications 15

pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015

Vulnerabilities (2)

  • CVE-2018-17095HigSep 16, 2018
    affected < 0.3.6-3.3.1fixed 0.3.6-3.3.1

    An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

  • CVE-2018-13440MedJul 8, 2018
    affected < 0.3.6-3.7.10fixed 0.3.6-3.7.10

    The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.