Xiph.org: >> Libvorbis >> 1.3.2 Security Vulnerabilities
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-12-26