wavpack is vulnerable to denial of service. An out-of-bounds read in the read_new_config_info
function in open_utils.c
allows a remote attacker to cause a denial of service via a malicious WV file.
CPE | Name | Operator | Version |
---|---|---|---|
wavpack:stretch | eq | 5.0.0-2+deb9u2 | |
wavpack:stretch | eq | 5.0.0-2+deb9u2 |