5 matches found
SUSE CVE-2025-57156
NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...
CVE-2025-57156
NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...
CVE-2025-63648
CVE-2025-63648 concerns a NULL pointer dereference in the function dacp_reply_playqueueedit_move (src/httpd_dacp.c) in owntone-server, triggered by a crafted DACP request. The issue is tied to commit b7e385f and has been reported across multiple sources (SUSE, Red Hat, NVD, OSV, CVE lists). Docum...
CVE-2025-57156
NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...
CVE-2025-57156
Summary (CVE-2025-57156) : A NULL pointer dereference in the owntone-server component, specifically in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c, can be triggered by a remote attacker through commits up to 6d604a1 (post-version 28.12). This vulnerability allows remote Denial...