Wavpack
By the Year
In 2024 there have been 0 vulnerabilities in Wavpack . Wavpack did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 2 | 5.50 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 4 | 5.75 |
2018 | 10 | 6.65 |
It may take a day or so for new Wavpack vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Wavpack Security Vulnerabilities
A null pointer dereference bug was found in wavpack-5.4.0 The results
CVE-2022-2476
5.5 - Medium
- July 19, 2022
A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING
NULL Pointer Dereference
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files
CVE-2021-44269
5.5 - Medium
- March 10, 2022
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.
Out-of-bounds Read
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero
CVE-2019-1010315
5.5 - Medium
- July 11, 2019
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc.
Divide By Zero
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable
CVE-2019-1010317
5.5 - Medium
- July 11, 2019
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b.
Use of Uninitialized Resource
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable
CVE-2019-1010319
5.5 - Medium
- July 11, 2019
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe.
Use of Uninitialized Resource
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file
CVE-2019-11498
6.5 - Medium
- April 24, 2019
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
Access of Uninitialized Pointer
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0
CVE-2018-19840
5.5 - Medium
- December 04, 2018
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
Infinite Loop
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0
CVE-2018-19841
5.5 - Medium
- December 04, 2018
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
Out-of-bounds Read
An issue was discovered in WavPack 5.1.0 and earlier
CVE-2018-10536
7.8 - High
- April 29, 2018
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
Memory Corruption
An issue was discovered in WavPack 5.1.0 and earlier
CVE-2018-10537
7.8 - High
- April 29, 2018
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
Buffer Overflow
An issue was discovered in WavPack 5.1.0 and earlier for WAV input
CVE-2018-10538
5.5 - Medium
- April 29, 2018
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
Memory Corruption
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input
CVE-2018-10539
5.5 - Medium
- April 29, 2018
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
Memory Corruption
An issue was discovered in WavPack 5.1.0 and earlier for W64 input
CVE-2018-10540
5.5 - Medium
- April 29, 2018
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
Memory Corruption
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0
CVE-2018-7253
7.8 - High
- February 19, 2018
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.
Out-of-bounds Read
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0
CVE-2018-7254
7.8 - High
- February 19, 2018
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file.
Out-of-bounds Read
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0
CVE-2018-6767
7.8 - High
- February 06, 2018
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
Out-of-bounds Read