VYPR

Audio File Library

by Audio File Library

CVEs (3)

  • CVE-2019-18796MedOct 16, 2020
    risk 0.42cvss 6.5epss 0.01

    The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service vulnerability (infinite loop) via a crafted .mp3 file. This weakness could allow attackers to consume excessive CPU and the application becomes unresponsive.

  • CVE-2019-18794MedOct 16, 2020
    risk 0.42cvss 6.5epss 0.01

    The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial…

  • CVE-2018-13440MedJul 8, 2018
    risk 0.42cvss 6.5epss 0.03

    The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.