CVE-2018-7254

WavPack 5.1.0 is affected by multiple header parsing weaknesses in the CLI parsers. Specifically, ParseRiffHeaderConfig (riff.c), ParseDsdiffHeaderConfig (dsdiff.c), and ParseCaffHeaderConfig (caff.c) can mis-handle unknown or malformed chunk data, leading to remote-denial-of-service via buffer o...

CVE-2016-10170

CVE-2016-10170 affects WavPack; the WriteCaffHeader function in cli/caff.c is vulnerable to an out-of-bounds read in crafted WV files, enabling a denial of service. Public records in connected advisories indicate fixes were delivered via openSUSE/SUSE security updates (wavpack updates addressing ...