Lucene search
Cloud FoundryCFOUNDRY:67C2CF8C0EB91EC03DBADBF933852138HistoryDec 10, 2018 - 12:00 a.m.
USN-3839-1: WavPack vulnerabilities | Cloud Foundry
2018-12-1000:00:00
Cloud Foundry
www.cloudfoundry.org
12
0.002 Low
EPSS
Percentile
56.6%
Severity
Medium
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 18.04
Description
It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-19840, CVE-2018-19841)
CVEs contained in this USN include: CVE-2018-19840, CVE-2018-19841
Affected Cloud Foundry Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry cflinuxfs3 prior to 0.46.0
Mitigation
Users of affected products are strongly encouraged to follow one of the mitigations below:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.46.0 or later.
References
Related
nessus
nessus
SUSE SLED15 / SLES15 Security Update : wavpack (SUSE-SU-2019:0772-1)
2019-03-28 00:00:00
EulerOS 2.0 SP8 : wavpack (EulerOS-SA-2019-1831)
2019-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: wavpack-5.1.0-12.fc29
2019-04-16 04:05:09
[SECURITY] Fedora 30 Update: wavpack-5.1.0-12.fc30
2019-04-13 00:10:21
[SECURITY] Fedora 29 Update: wavpack-5.1.0-13.fc29
2019-06-04 02:22:29
openvas
openvas
Fedora Update for wavpack FEDORA-2019-88f264563f
2019-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0772-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-3839-1)
2018-12-07 00:00:00
suse
suse
Security update for wavpack (moderate)
2019-04-05 00:00:00
Security update for wavpack (moderate)
2021-01-24 00:00:00
Security update for wavpack (moderate)
2021-01-24 00:00:00
ubuntu
ubuntu
WavPack vulnerabilities
2018-12-06 00:00:00
gentoo
gentoo
WavPack: Multiple vulnerabilities
2020-07-27 00:00:00
redhatcve
redhatcve
CVE-2018-19841
2020-04-08 05:18:42
CVE-2018-19840
2020-04-08 21:09:40
cvelist
cvelist
CVE-2018-19841
2018-12-04 09:00:00
CVE-2018-19840
2018-12-04 09:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-29 02:45:54
Denial Of Service (DoS)
2020-04-29 02:45:54
debiancve
debiancve
CVE-2018-19840
2018-12-04 09:29:00
CVE-2018-19841
2018-12-04 09:29:00
cve
cve
CVE-2018-19841
2018-12-04 09:29:00
CVE-2018-19840
2018-12-04 09:29:00
prion
prion
Out-of-bounds
2018-12-04 09:29:00
Code injection
2018-12-04 09:29:00
alpinelinux
alpinelinux
CVE-2018-19841
2018-12-04 09:29:00
CVE-2018-19840
2018-12-04 09:29:00
ubuntucve
ubuntucve
CVE-2018-19841
2018-12-04 00:00:00
CVE-2018-19840
2018-12-04 00:00:00
osv
osv
CVE-2018-19841
2018-12-04 09:29:00
CVE-2018-19840
2018-12-04 09:29:00
Low: wavpack security update
2020-04-28 08:53:05
nvd
nvd
CVE-2018-19841
2018-12-04 09:29:00
CVE-2018-19840
2018-12-04 09:29:00
redhat
redhat
(RHSA-2020:1581) Low: wavpack security update
2020-04-28 08:53:05
oraclelinux
oraclelinux
wavpack security update
2020-05-05 00:00:00
rocky
rocky
wavpack security update
2020-04-28 08:53:05
almalinux
almalinux
Low: wavpack security update
2020-04-28 08:53:05
debian
debian
[SECURITY] [DLA 2525-1] wavpack security update
2021-01-15 10:28:51
slackware
slackware
[slackware-security] wavpack
2019-12-19 23:44:00
mageia
mageia
Updated wavpack packages fix security vulnerabilities
2019-01-23 18:50:09
rosalinux
rosalinux
Advisory ROSA-SA-2021-1995
2021-07-02 18:19:37