VYPR

Music Player Daemon

by Musicpd

CVEs (1)

  • CVE-2022-48363HigFeb 26, 2023
    risk 0.49cvss 7.5epss 0.01

    In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.