Libsndfile Project: >> Libsndfile >> 1.0.30 Security Vulnerabilities
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-10-27
libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.
CVSS Score
6.5
EPSS Score
0.0
Published
2024-10-27
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
CVSS Score
8.8
EPSS Score
0.012
Published
2021-07-20