4 matches found
CVE-2026-32256 music-metadata has an infinite loop vulnerability in ASF parser
music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...
GHSA-V6C2-XWV6-8XF7 music-metadata has an infinite loop vulnerability in ASF parser
Summary music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Root Cause When objectSize is 0: 1. remaining = 0 - 24 = -24 2. tokenizer.ignore-24 moves the read position...
GPAC Security Vulnerabilities
GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version v2.3-DEV-rv566-g50c2ab06f-master, which stems from a buffer overflow vulnerability in the function hevcparsevpsextension...
The vulnerability of the ald-parse security extension of the ALD service in the Astra Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ald-parse security extension of the ALD service in the Astra Linux operating system is related to an error in assigning access rights to the cache of token metadata for certain services. This leads to its continuous reallocation. Exploiting this vulnerability allows a...