6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.8%
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode.
Security Fix(es):
wawpack: Infinite loop in WavpackPackInit function lead to DoS (CVE-2018-19840)
wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS (CVE-2018-19841)
wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS (CVE-2019-11498)
wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash (CVE-2019-1010315)
wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS (CVE-2019-1010317)
wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS (CVE-2019-1010319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
almalinux | 8 | aarch64 | wavpack-devel | < 5.1.0-15.el8 | wavpack-devel-5.1.0-15.el8.aarch64.rpm |
almalinux | 8 | aarch64 | wavpack | < 5.1.0-15.el8 | wavpack-5.1.0-15.el8.aarch64.rpm |
almalinux | 8 | x86_64 | wavpack-devel | < 5.1.0-15.el8 | wavpack-devel-5.1.0-15.el8.x86_64.rpm |
almalinux | 8 | x86_64 | wavpack | < 5.1.0-15.el8 | wavpack-5.1.0-15.el8.x86_64.rpm |
almalinux | 8 | i686 | wavpack-devel | < 5.1.0-15.el8 | wavpack-devel-5.1.0-15.el8.i686.rpm |
almalinux | 8 | i686 | wavpack | < 5.1.0-15.el8 | wavpack-5.1.0-15.el8.i686.rpm |
almalinux | 8 | ppc64le | wavpack-devel | < 5.1.0-15.el8 | wavpack-devel-5.1.0-15.el8.ppc64le.rpm |
almalinux | 8 | ppc64le | wavpack | < 5.1.0-15.el8 | wavpack-5.1.0-15.el8.ppc64le.rpm |
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.8%