An out-of-bounds read of a global buffer in the draw_line function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service or disclose sensitive information by opening a crafted Ogg Vorbis file.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 10.0 | |
stb_vorbis | eq | <= 201934 |