Lame Security Vulnerabilities and Issues — Lame CVE List

Lucene search

Lame ProjectLame

4 matches found

CVE•added 2017/10/06 4:29 a.m.•49 views

CVE-2017-15045

LAME 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4, 3.99.5, 3.98.4, 3.98.2 and 3.98 has a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c, a different vulnerability than CVE-2017-9410.

5.5CVSS5.6AI score

CVE•added 2017/10/05 1:29 a.m.•46 views

CVE-2017-15019

LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call.

7.8CVSS6.1AI score0.00285EPSS

CVE•added 2017/10/05 1:29 a.m.•45 views

CVE-2017-15018

LAME 3.99.5, 3.99.4, 3.99.3, 3.99.2, 3.99.1, 3.99, 3.98.4, 3.98.2 and 3.98 have a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c.

5.5CVSS5.7AI score0.00286EPSS

CVE•added 2017/10/06 4:29 a.m.•43 views

CVE-2017-15046

LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412.

5.5CVSS5.8AI score0.0248EPSS