Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 12 SP2 package lame, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2017-9872 — CVSS 7.8 (high): The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote…
CVE-2017-9871 — CVSS 7.8 (high): The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to…
CVE-2017-15019 — CVSS 7.8 (high): LAME 3.99.5 has a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file…
CVE-2017-13712 — CVSS 7.5 (high): NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of…
CVE-2015-9100 — CVSS 5.5 (medium): The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL…
CVE-2015-9101 — CVSS 5.5 (medium): The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5…
CVE-2017-9412 — CVSS 5.5 (medium): The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid…
CVE-2017-9869 — CVSS 5.5 (medium): The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to…
CVE-2017-9870 — CVSS 5.5 (medium): The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to…
CVE-2017-9411: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-9100. Reason: This candidate is a duplicate of CVE-2015-9100…
CVE-2017-9410: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-9101. Reason: This candidate is a duplicate of CVE-2015-9101…