speex

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A free codec for free speech
Version 1.2.0-3 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2544 1.2.0-3 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2020-23904 AVG-2544 Medium Yes Arbitrary code execution
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.
CVE-2020-23903 AVG-2544 Low Yes Denial of service
A divide by zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.