CVE-2020-18651
Summary
| CVE | CVE-2020-18651 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-08-22 19:15:00 UTC |
|---|
| Updated | 2023-09-26 01:15:00 UTC |
|---|
| Description | Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] [DLA 3585-1] exempi security update |
MLIST |
lists.debian.org |
|
| A heap-based buffer over-read was found in ID3_Support.cpp (#13) · Issues · libopenraw / exempi · GitLab |
MISC |
gitlab.freedesktop.org |
|
| Issue #13 - Fix a buffer a overflow in ID3 support (fdd4765a) · Commits · libopenraw / exempi · GitLab |
MISC |
gitlab.freedesktop.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 356146 Amazon Linux Security Advisory for exempi : ALAS2-2023-2260
- 6000108 Debian Security Update for exempi (DLA 3585-1)
- 673646 EulerOS Security Update for exempi (EulerOS-SA-2024-1262)
- 754909 SUSE Enterprise Linux Security Update for exempi (SUSE-SU-2023:3734-1)
- 754957 SUSE Enterprise Linux Security Update for exempi (SUSE-SU-2023:3833-1)
