« List of all CVEs

CVE-2017-6888

Published: 4/25/2018 Last updated: 8/5/2024 Reserved: 3/14/2017

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

CNA assigner: flexera (44d08088-2bea-4760-83a6-1e9be26b15ab) Requested by: n/a

Opam packages affected (1)

conf-libflac

Products affected (1)

Product Vendor Version
FLAC FLAC < 10.0.22631.3880

References (12)