Your submission was sent successfully! Close

CVE-2018-11439

Published: 30 May 2018

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
taglib
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Not vulnerable
(1.11.1+dfsg.1-0.3)
eoan Not vulnerable
(1.11.1+dfsg.1-0.3)
focal Not vulnerable
(1.11.1+dfsg.1-0.3)
groovy Not vulnerable
(1.11.1+dfsg.1-0.3)
hirsute Not vulnerable
(1.11.1+dfsg.1-0.3)
impish Not vulnerable
(1.11.1+dfsg.1-0.3)
jammy Not vulnerable
(1.11.1+dfsg.1-0.3)
precise Does not exist

trusty Does not exist
(trusty was needs-triage)
upstream
Released (1.11.1+dfsg.1-0.3, 1.9.1-2.1+deb8u1)
xenial Needed