2 matches found
CVE-2026-32889
Tinytag (Python) version 2.2.0 is affected by a Denial of Service via a non-terminating SYLT frame parsing loop when processing attacker-supplied MP3s. The root cause is in _parse_synced_lyrics/_find_string_end_pos where an absent string terminator can cause the parser to reset its offset and nev...
CVE-2021-23371
This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces...