Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-5733-1
HistoryNov 21, 2022 - 1:32 p.m.

flac vulnerabilities

2022-11-2113:32:08
Google
osv.dev
3

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.3%

JSON

It was discovered that FLAC was not properly performing memory management
operations, which could result in a memory leak. An attacker could possibly
use this issue to cause FLAC to consume resources, leading to a denial of
service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and
Ubuntu 18.04 LTS. (CVE-2017-6888)

It was discovered that FLAC was not properly performing bounds checking
operations when decoding data. If a user or automated system were tricked
into processing a specially crafted file, an attacker could possibly use
this issue to expose sensitive information or to cause FLAC to crash,
leading to a denial of service. This issue only affected Ubuntu 14.04 ESM,
Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-0499)

It was discovered that FLAC was not properly performing bounds checking
operations when encoding data. If a user or automated system were tricked
into processing a specially crafted file, an attacker could possibly use
this issue to expose sensitive information or to cause FLAC to crash,
leading to a denial of service. (CVE-2021-0561)

Related

nessus 56
ubuntu 1
openvas 45
cloudfoundry 1
osv 8
debian 3
fedora 7
slackware 1
alpinelinux 3
cve 3
redhatcve 3
prion 3
mageia 3
suse 4
ubuntucve 3
veracode 3
debiancve 3
freebsd 2
oraclelinux 1
almalinux 1
amazon 1
redhat 1
rocky 1
androidsecurity 1
nessus
nessus
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : FLAC vulnerabilities (USN-5733-1)
2022-11-21 00:00:00
Fedora 33 : mingw-flac (2021-ed9c13a1d5)
2021-02-25 00:00:00
Debian DLA-2514-1 : flac security update
2021-01-05 00:00:00
ubuntu
ubuntu
FLAC vulnerabilities
2022-11-21 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5733-1)
2022-11-22 00:00:00
Fedora: Security Advisory for mingw-flac (FEDORA-2021-a48ccc6754)
2021-02-25 00:00:00
Debian: Security Advisory (DLA-2514-1)
2021-01-05 00:00:00
cloudfoundry
cloudfoundry
USN-5733-1: FLAC vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
osv
osv
flac - security update
2021-01-04 00:00:00
CVE-2017-6888
2018-04-25 21:29:00
CVE-2020-0499
2020-12-15 16:15:14
debian
debian
[SECURITY] [DLA 2514-1] flac security update
2021-01-04 07:09:24
[SECURITY] [DLA 2951-1] flac security update
2022-03-16 21:27:45
[SECURITY] [DLA 3094-1] flac security update
2022-09-03 20:46:08
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-flac-1.3.3-1.fc33
2021-02-24 20:42:32
[SECURITY] Fedora 32 Update: mingw-flac-1.3.3-1.fc32
2021-02-24 20:46:55
[SECURITY] Fedora 28 Update: flac-1.3.2-7.fc28
2018-05-09 21:28:44
slackware
slackware
[slackware-security] flac
2022-02-21 20:09:13
alpinelinux
alpinelinux
CVE-2017-6888
2018-04-25 21:29:00
CVE-2020-0499
2020-12-15 16:15:00
CVE-2021-0561
2021-06-22 11:15:00
cve
cve
CVE-2017-6888
2018-04-25 21:29:00
CVE-2020-0499
2020-12-15 16:15:00
CVE-2021-0561
2021-06-22 11:15:00
redhatcve
redhatcve
CVE-2017-6888
2018-04-30 05:29:54
CVE-2020-0499
2020-12-21 17:56:24
CVE-2021-0561
2022-02-24 06:00:03
prion
prion
Design/Logic Flaw
2018-04-25 21:29:00
Heap overflow
2020-12-15 16:15:00
Out-of-bounds
2021-06-22 11:15:00
mageia
mageia
Updated flac packages fix security vulnerability
2018-05-09 21:33:09
Updated flac packages fix security vulnerability
2020-12-29 14:57:17
Updated flac packages fix security vulnerability
2022-03-06 13:40:17
suse
suse
Security update for flac (low)
2019-04-17 00:00:00
Security update for flac (moderate)
2022-03-14 00:00:00
Security update for flac (moderate)
2020-12-28 00:00:00
ubuntucve
ubuntucve
CVE-2017-6888
2018-04-25 00:00:00
CVE-2020-0499
2020-12-15 00:00:00
CVE-2021-0561
2021-06-22 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Memory Leaks
2018-04-26 02:15:16
Information Disclosure
2020-12-21 23:58:35
Information Disclosure
2022-02-22 12:52:51
debiancve
debiancve
CVE-2017-6888
2018-04-25 21:29:00
CVE-2020-0499
2020-12-15 16:15:00
CVE-2021-0561
2021-06-22 11:15:00
freebsd
freebsd
FLAC -- out-of-bounds read
2019-09-08 00:00:00
flac -- fix encoder bug
2022-02-20 00:00:00
oraclelinux
oraclelinux
flac security update
2022-11-22 00:00:00
almalinux
almalinux
Moderate: flac security update
2022-11-15 00:00:00
amazon
amazon
Medium: flac
2023-06-21 19:11:00
redhat
redhat
(RHSA-2022:8078) Moderate: flac security update
2022-11-15 06:15:08
rocky
rocky
flac security update
2022-11-15 06:15:08
androidsecurity
androidsecurity
Pixel Update Bulletinβ€”December 2020
2020-12-07 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

81.3%

JSON
Related for OSV:USN-5733-1
nessus56ubuntu1openvas45cloudfoundry1osv8debian3fedora7slackware1alpinelinux3cve3redhatcve3prion3mageia3suse4ubuntucve3veracode3debiancve3freebsd2oraclelinux1almalinux1amazon1redhat1rocky1androidsecurity1