2 matches found
CVE-2020-22219
CVE-2020-22219 affects FLAC when using the bitwriter_grow_ implementation; the vulnerability is a buffer overflow that could allow remote code execution via crafted encoder input in FLAC builds prior to 1.4.0. Multiple connected advisories confirm the issue and indicate that mitigations involve u...
CVE-2017-6888
CVE-2017-6888 concerns the FLAC library: in FLAC version 1.3.2, the function read_metadata_vorbiscomment_() may leak memory when processing a specially crafted FLAC file. This memory leak could contribute to resource exhaustion and a denial of service. The vulnerability is documented across multi...