Vulnerabilities (CVE)

Filtered by vendor Flac Project Subscribe
Filtered by product Flac
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-6888 3 Debian, Fedoraproject, Flac Project 3 Debian Linux, Fedora, Flac 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
CVE-2020-22219 1 Flac Project 1 Flac 2024-02-28 N/A 7.8 HIGH
Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.