Astra Linux - уязвимость в espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a buffer overflow issue due to a function called SetUpPhonemeTable in the synthdata.c file...

Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow

...

OESA-2024-1021 espeak-ng security update

The eSpeak NG is a compact open source software text-to-speech synthesizer for Linux, Windows, Android and other operating systems. It supports 70 languages and accents. It is based on the eSpeak engine created by Jonathan Duddington. Security Fixes: Espeak-ng 1.52-dev was discovered to contain a...

SUSE CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

CVE-2023-49993

Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the function ReadClause at readclause.c...

CVE-2023-49994

Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c...

Buffer overflow

Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the function SetUpPhonemeTable at synthdata.c...

CVE-2023-49990

CVE-2023-49990 affects espeak-ng, where a buffer overflow is introduced via SetUpPhonemeTable in synthdata.c for the 1.52-dev release. The connected advisories confirm this issue across multiple distributions and note that fixes have been released: Debian lists a patched version (1.50+dfsg-7+deb1...

CVE-2023-49994

CVE-2023-49994 affects espeak-ng. Multiple connected sources confirm a Floating Point Exception in PeaksToHarmspect, triggered in wavegen.c, specifically for version 1.52-dev. The issue is described consistently across advisories and Nessus plugins, with affected deployments including Azure Linux...

CVE-2023-49992

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c...

CVE-2023-49992

CVE-2023-49992 affects espeak-ng. Multiple connected feeds confirm a Stack Buffer Overflow in espeak-ng’s dictionary.c RemoveEnding function for version 1.52-dev. Impact and exploit details are not expanded beyond the overflow description in the sources; no vendor/server-side exploit notes are pr...

CVE-2023-49994

Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c...

CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

eSpeak NG Security Vulnerability

eSpeak NG is an open source software text-to-speech synthesizer from eSpeak NG Open Source. A security vulnerability exists in eSpeak NG version 1.52-dev, which stems from a floating point exception in the PeaksToHarmspect method of the wavegen.c file...