Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Vorbis codec library (32-bit)
Version 1.3.7-1 [multilib]


Group Affected Fixed Severity Status Ticket
AVG-658 1.3.5-1 1.3.6-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2018-5146 AVG-658 Critical Yes Arbitrary code execution
An out of bounds memory write vulnerability has been discovered in libvorbis before 1.3.6 while processing Vorbis audio data related to codebooks that are...
CVE-2017-14633 AVG-658 Medium Yes Denial of service
In Xiph.Org libvorbis before 1.3.6, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS...
CVE-2017-14632 AVG-658 Critical Yes Arbitrary code execution
fXiph.Org libvorbis before 1.3.6 allows remote code execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when...


Date Advisory Group Severity Type
19 Mar 2018 ASA-201803-21 AVG-658 Critical multiple issues