Lucene search
+L

4 matches found

OSV
OSV
added 2026/03/18 3:22 a.m.5 views

CVE-2026-32256 music-metadata has an infinite loop vulnerability in ASF parser

music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Version 11.12.3 fixe...

7.5CVSS5.9AI score0.00366EPSS
Exploits0References4
OSV
OSV
added 2026/03/17 8:4 p.m.5 views

GHSA-V6C2-XWV6-8XF7 music-metadata has an infinite loop vulnerability in ASF parser

Summary music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Root Cause When objectSize is 0: 1. remaining = 0 - 24 = -24 2. tokenizer.ignore-24 moves the read position...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/15 12:0 a.m.8 views

GPAC Security Vulnerabilities

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version v2.3-DEV-rv566-g50c2ab06f-master, which stems from a buffer overflow vulnerability in the function hevcparsevpsextension...

7.8CVSS7.3AI score0.00365EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2019/02/07 12:0 a.m.8 views

The vulnerability of the ald-parse security extension of the ALD service in the Astra Linux operating system allows a attacker to cause a service failure.

The vulnerability of the ald-parse security extension of the ALD service in the Astra Linux operating system is related to an error in assigning access rights to the cache of token metadata for certain services. This leads to its continuous reallocation. Exploiting this vulnerability allows a...

2.2CVSS5.5AI score
Exploits0
Rows per page
Query Builder