Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for vorbis-tools by xiph
CVE-2023-43361 (GCVE-0-2023-43361)
Vulnerability from nvd – Published: 2023-10-02 00:00 – Updated: 2025-11-04 22:04
VLAI?
Summary
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:04:59.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xiph/vorbis-tools/issues/41"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xiph/vorbis-tools"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xiph/vorbis"
},
{
"tags": [
"x_transferred"
],
"url": "https://xiph.org/vorbis/"
},
{
"name": "FEDORA-2024-faff3dd9d6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"
},
{
"name": "FEDORA-2024-5f8da7c1f1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-27T03:06:25.268Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/xiph/vorbis-tools/issues/41"
},
{
"url": "https://github.com/xiph/vorbis-tools"
},
{
"url": "https://github.com/xiph/vorbis"
},
{
"url": "https://xiph.org/vorbis/"
},
{
"name": "FEDORA-2024-faff3dd9d6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"
},
{
"name": "FEDORA-2024-5f8da7c1f1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43361",
"datePublished": "2023-10-02T00:00:00.000Z",
"dateReserved": "2023-09-18T00:00:00.000Z",
"dateUpdated": "2025-11-04T22:04:59.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2017-11331 (GCVE-0-2017-11331)
Vulnerability from nvd – Published: 2017-07-31 13:00 – Updated: 2024-08-05 18:05
VLAI?
Summary
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2017-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42397/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Jul/80"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42397/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2017/Jul/80"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42397",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42397/"
},
{
"name": "http://seclists.org/fulldisclosure/2017/Jul/80",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2017/Jul/80"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11331",
"datePublished": "2017-07-31T13:00:00.000Z",
"dateReserved": "2017-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:05:30.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6749 (GCVE-0-2015-6749)
Vulnerability from nvd – Published: 2015-09-21 19:00 – Updated: 2024-08-06 07:29
VLAI?
Summary
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2015-08-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:29:24.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2015/q3/455"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461"
},
{
"name": "FEDORA-2015-14663",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html"
},
{
"name": "[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2015/q3/457"
},
{
"name": "openSUSE-SU-2015:1686",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2212"
},
{
"name": "FEDORA-2015-14664",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2015/q3/455"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461"
},
{
"name": "FEDORA-2015-14663",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html"
},
{
"name": "[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2015/q3/457"
},
{
"name": "openSUSE-SU-2015:1686",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/ticket/2212"
},
{
"name": "FEDORA-2015-14664",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6749",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open()",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q3/455"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461"
},
{
"name": "FEDORA-2015-14663",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html"
},
{
"name": "[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open()",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q3/457"
},
{
"name": "openSUSE-SU-2015:1686",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443"
},
{
"name": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch"
},
{
"name": "https://trac.xiph.org/ticket/2212",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/ticket/2212"
},
{
"name": "FEDORA-2015-14664",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6749",
"datePublished": "2015-09-21T19:00:00.000Z",
"dateReserved": "2015-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:29:24.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9640 (GCVE-0-2014-9640)
Vulnerability from nvd – Published: 2015-01-23 15:00 – Updated: 2024-08-06 13:47
VLAI?
Summary
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2014-02-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-1253",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-16T17:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2015-1253",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/ticket/2009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-1253",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0051.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"name": "https://trac.xiph.org/changeset/19117",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"name": "https://trac.xiph.org/ticket/2009",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/ticket/2009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9640",
"datePublished": "2015-01-23T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9639 (GCVE-0-2014-9639)
Vulnerability from nvd – Published: 2015-01-23 15:00 – Updated: 2024-08-06 13:47
VLAI?
Summary
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2014-12-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "72295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72295"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2136"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-23T16:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "72295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72295"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.xiph.org/ticket/2136"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9639",
"datePublished": "2015-01-23T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9638 (GCVE-0-2014-9638)
Vulnerability from nvd – Published: 2015-01-23 15:00 – Updated: 2024-08-06 13:47
VLAI?
Summary
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2014-12-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2137"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
},
{
"name": "72290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-23T16:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.xiph.org/ticket/2137"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
},
{
"name": "72290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72290"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9638",
"datePublished": "2015-01-23T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-43361 (GCVE-0-2023-43361)
Vulnerability from cvelistv5 – Published: 2023-10-02 00:00 – Updated: 2025-11-04 22:04
VLAI?
Summary
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:04:59.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xiph/vorbis-tools/issues/41"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xiph/vorbis-tools"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/xiph/vorbis"
},
{
"tags": [
"x_transferred"
],
"url": "https://xiph.org/vorbis/"
},
{
"name": "FEDORA-2024-faff3dd9d6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"
},
{
"name": "FEDORA-2024-5f8da7c1f1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-27T03:06:25.268Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/xiph/vorbis-tools/issues/41"
},
{
"url": "https://github.com/xiph/vorbis-tools"
},
{
"url": "https://github.com/xiph/vorbis"
},
{
"url": "https://xiph.org/vorbis/"
},
{
"name": "FEDORA-2024-faff3dd9d6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"
},
{
"name": "FEDORA-2024-5f8da7c1f1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-43361",
"datePublished": "2023-10-02T00:00:00.000Z",
"dateReserved": "2023-09-18T00:00:00.000Z",
"dateUpdated": "2025-11-04T22:04:59.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2017-11331 (GCVE-0-2017-11331)
Vulnerability from cvelistv5 – Published: 2017-07-31 13:00 – Updated: 2024-08-05 18:05
VLAI?
Summary
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2017-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42397/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Jul/80"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42397",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42397/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2017/Jul/80"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42397",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42397/"
},
{
"name": "http://seclists.org/fulldisclosure/2017/Jul/80",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2017/Jul/80"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11331",
"datePublished": "2017-07-31T13:00:00.000Z",
"dateReserved": "2017-07-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:05:30.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-6749 (GCVE-0-2015-6749)
Vulnerability from cvelistv5 – Published: 2015-09-21 19:00 – Updated: 2024-08-06 07:29
VLAI?
Summary
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2015-08-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:29:24.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2015/q3/455"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461"
},
{
"name": "FEDORA-2015-14663",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html"
},
{
"name": "[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2015/q3/457"
},
{
"name": "openSUSE-SU-2015:1686",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2212"
},
{
"name": "FEDORA-2015-14664",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2015/q3/455"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461"
},
{
"name": "FEDORA-2015-14663",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html"
},
{
"name": "[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2015/q3/457"
},
{
"name": "openSUSE-SU-2015:1686",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/ticket/2212"
},
{
"name": "FEDORA-2015-14664",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6749",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150828 CVE request: vorbis-tools: buffer overflow in aiff_open()",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q3/455"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258424"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797461"
},
{
"name": "FEDORA-2015-14663",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166424.html"
},
{
"name": "[oss-security] 20150830 Re: CVE request: vorbis-tools: buffer overflow in aiff_open()",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q3/457"
},
{
"name": "openSUSE-SU-2015:1686",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00013.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258443"
},
{
"name": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch"
},
{
"name": "https://trac.xiph.org/ticket/2212",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/ticket/2212"
},
{
"name": "FEDORA-2015-14664",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165555.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6749",
"datePublished": "2015-09-21T19:00:00.000Z",
"dateReserved": "2015-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:29:24.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9638 (GCVE-0-2014-9638)
Vulnerability from cvelistv5 – Published: 2015-01-23 15:00 – Updated: 2024-08-06 13:47
VLAI?
Summary
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2014-12-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2137"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
},
{
"name": "72290",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72290"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-23T16:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.xiph.org/ticket/2137"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
},
{
"name": "72290",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72290"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9638",
"datePublished": "2015-01-23T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9640 (GCVE-0-2014-9640)
Vulnerability from cvelistv5 – Published: 2015-01-23 15:00 – Updated: 2024-08-06 13:47
VLAI?
Summary
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2014-02-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2015-1253",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-16T17:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2015-1253",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://trac.xiph.org/ticket/2009"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-1253",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148852.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0051.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0051.html"
},
{
"name": "[oss-security] 20150121 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/6"
},
{
"name": "https://trac.xiph.org/changeset/19117",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/changeset/19117"
},
{
"name": "openSUSE-SU-2015:0231",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00032.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "MDVSA-2015:037",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:037"
},
{
"name": "https://trac.xiph.org/ticket/2009",
"refsource": "CONFIRM",
"url": "https://trac.xiph.org/ticket/2009"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9640",
"datePublished": "2015-01-23T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9639 (GCVE-0-2014-9639)
Vulnerability from cvelistv5 – Published: 2015-01-23 15:00 – Updated: 2024-08-06 13:47
VLAI?
Summary
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2014-12-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "72295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72295"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.xiph.org/ticket/2136"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-23T16:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "72295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72295"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.xiph.org/ticket/2136"
},
{
"name": "FEDORA-2015-2330",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9639",
"datePublished": "2015-01-23T15:00:00.000Z",
"dateReserved": "2015-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:47:41.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}