CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
83.1%
An update is available for wavpack.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode.
Security Fix(es):
wawpack: Infinite loop in WavpackPackInit function lead to DoS (CVE-2018-19840)
wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS (CVE-2018-19841)
wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS (CVE-2019-11498)
wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash (CVE-2019-1010315)
wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS (CVE-2019-1010317)
wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS (CVE-2019-1010319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.2 Release Notes linked from the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
rocky | 8 | aarch64 | wavpack | < 5.1.0-15.el8 | wavpack-0:5.1.0-15.el8.aarch64.rpm |
rocky | 8 | i686 | wavpack | < 5.1.0-15.el8 | wavpack-0:5.1.0-15.el8.i686.rpm |
rocky | 8 | x86_64 | wavpack | < 5.1.0-15.el8 | wavpack-0:5.1.0-15.el8.x86_64.rpm |
rocky | 8 | aarch64 | wavpack-debuginfo | < 5.1.0-15.el8 | wavpack-debuginfo-0:5.1.0-15.el8.aarch64.rpm |
rocky | 8 | i686 | wavpack-debuginfo | < 5.1.0-15.el8 | wavpack-debuginfo-0:5.1.0-15.el8.i686.rpm |
rocky | 8 | x86_64 | wavpack-debuginfo | < 5.1.0-15.el8 | wavpack-debuginfo-0:5.1.0-15.el8.x86_64.rpm |
rocky | 8 | aarch64 | wavpack-debugsource | < 5.1.0-15.el8 | wavpack-debugsource-0:5.1.0-15.el8.aarch64.rpm |
rocky | 8 | i686 | wavpack-debugsource | < 5.1.0-15.el8 | wavpack-debugsource-0:5.1.0-15.el8.i686.rpm |
rocky | 8 | x86_64 | wavpack-debugsource | < 5.1.0-15.el8 | wavpack-debugsource-0:5.1.0-15.el8.x86_64.rpm |
rocky | 8 | aarch64 | wavpack-devel | < 5.1.0-15.el8 | wavpack-devel-0:5.1.0-15.el8.aarch64.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
83.1%