VYPR

rpm package

suse/audiofile&distro=SUSE Linux Enterprise Software Development Kit 12 SP4

pkg:rpm/suse/audiofile&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4

Vulnerabilities (2)

  • CVE-2018-17095HigSep 16, 2018
    affected < 0.3.6-11.3.1fixed 0.3.6-11.3.1

    An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

  • CVE-2018-13440MedJul 8, 2018
    affected < 0.3.6-11.7.8fixed 0.3.6-11.7.8

    The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.