wavpack (SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOS package wavpack, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (13)
CVE-2018-6767 — CVSS 7.8 (high): A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause…
CVE-2018-10537 — CVSS 7.8 (high): An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory…
CVE-2018-10536 — CVSS 7.8 (high): An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory…
CVE-2018-7254 — CVSS 7.8 (high): The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global…
CVE-2018-7253 — CVSS 7.8 (high): The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service…
CVE-2019-11498 — CVSS 6.5 (medium): WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised…
CVE-2020-35738 — CVSS 6.1 (medium): WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE…
CVE-2018-19841 — CVSS 5.5 (medium): The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a…
CVE-2018-19840 — CVSS 5.5 (medium): The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service…
CVE-2018-10540 — CVSS 5.5 (medium): An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in…
CVE-2019-1010319 — CVSS 5.5 (medium): WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and…
CVE-2018-10539 — CVSS 5.5 (medium): An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in…
CVE-2018-10538 — CVSS 5.5 (medium): An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c…