Back to search
CVE-2019-1010317
Published: Jul 11, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b.
| Vendor | Product | Versions |
|---|---|---|
WavPack | WavPack | affected 5.1.0 and earlier [fixed: After commit https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b] |
Weaknesses (CWE)
References
https://github.com/dbry/WavPack/issues/66
x_refsource_MISC
USN-4062-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2019-c72f5f6361
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-8eeb8f9d3f
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-e55567b6be
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-73274c9df4
vendor-advisory
x_refsource_FEDORA
[debian-lts-announce] 20210115 [SECURITY] [DLA 2525-1] wavpack security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now