VYPR

Libcdio

by GNU

CVEs (5)

  • CVE-2017-18201CriFeb 26, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

  • CVE-2017-18198HigFeb 24, 2018
    risk 0.57cvss 8.8epss 0.04

    print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.

  • CVE-2017-18199MedFeb 24, 2018
    risk 0.43cvss 6.5epss 0.03

    realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

  • CVE-2007-6613Jan 3, 2008
    risk 0.04cvss epss 0.13

    Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code…

  • CVE-2024-36600Jun 14, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow Vulnerability in libcdio 2.2.0 (fixed in 2.3.0) allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.