Xiphorg Libvorbis
By the Year
In 2024 there have been 0 vulnerabilities in Xiphorg Libvorbis . Libvorbis did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 1 | 6.50 |
2019 | 0 | 0.00 |
2018 | 2 | 8.15 |
It may take a day or so for new Libvorbis vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Xiphorg Libvorbis Security Vulnerabilities
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking
CVE-2020-20412
6.5 - Medium
- December 26, 2020
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146.
out-of-bounds array index
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which
CVE-2018-10392
8.8 - High
- April 26, 2018
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
Out-of-bounds Read
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
CVE-2018-10393
7.5 - High
- April 26, 2018
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
Out-of-bounds Read
The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5
CVE-2017-14160
8.8 - High
- September 21, 2017
The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file.
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Xiphorg? Click the Watch button to subscribe.