Flac Project: >> Flac >> 1.2.1 Security Vulnerabilities
Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.
CVSS Score
7.8
EPSS Score
0.004
Published
2023-08-22
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-04-25