AVG-1387 log

Package wavpack
Status Fixed
Severity Medium
Type arbitrary code execution
Affected 5.3.0-1
Fixed 5.3.0-2
Current 5.4.0-1 [extra]
Ticket FS#69234
Created Mon Dec 28 08:32:17 2020
Issue Severity Remote Type Description
CVE-2020-35738 Medium No Arbitrary code execution
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.
Date Advisory Package Type
12 Jan 2021 ASA-202101-23 wavpack arbitrary code execution