INFSA-2022:8139: wavpack security update
Information about definition
Identificator: INFSA-2022:8139
Type: security
Release date: 2025-03-05 17:04:42 UTC
Information about package
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode.
Vulnerabilities description
- CVE-2021-44269
A heap out-of-bounds read flaw was found in WavPacks' WavpackPackSamples() function of src/pack_utils.c and only affects the command-line program of WavPack (not libwavpack). This flaw allows an attacker to exploit this flaw for a website that uses the WavPack command-line program on user-provided files, causing a denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2021-44269
|
no information | 3.5 | no information |
Updated packages