Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 12 SP2 package libvorbis, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2017-14632 — CVSS 9.8 (critical): Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in…
CVE-2018-5146 — CVSS 8.8 (high): An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects…
CVE-2017-14633 — CVSS 6.5 (medium): In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may…