Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.2
purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.2
Next non-vulnerable version 1.2.1+git20180316-3
Latest non-vulnerable version 1.2.1+git20180316-3
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-bxdr-5t7k-rbdn
Aliases:
CVE-2018-5147
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source.
1.0.2+svn18153-1~deb8u2
Affected by 1 other vulnerability.
1.0.2+svn18153-1+deb9u1
Affected by 1 other vulnerability.
1.2.1+git20180316-3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-12w2-ffkf-7bfv vorbis: insufficient validation of Huffman tree causing memory corruption in _make_decode_tree() CVE-2008-2009
VCID-55cd-r9yc-nfan Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. CVE-2009-3379
VCID-c3vm-d9f5-2kcj Multiple vulnerabilities in libvorbis might lead to the execution of arbitrary code. CVE-2008-1419
VCID-gajm-zb2s-ukgz Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. CVE-2012-0444
VCID-mddv-hvgp-u3aa Multiple vulnerabilities in libvorbis might lead to the execution of arbitrary code. CVE-2008-1423

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:11:15.179678+00:00 Debian Oval Importer Fixing VCID-mddv-hvgp-u3aa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:31:43.181280+00:00 Debian Oval Importer Fixing VCID-gajm-zb2s-ukgz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:44:47.273014+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:44:27.380065+00:00 Debian Oval Importer Fixing VCID-c3vm-d9f5-2kcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:12:57.167534+00:00 Debian Oval Importer Fixing VCID-12w2-ffkf-7bfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:32:32.098815+00:00 Debian Oval Importer Fixing VCID-55cd-r9yc-nfan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T14:34:09.371542+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-15T14:00:46.506465+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.4.0
2026-04-11T23:45:09.162687+00:00 Debian Oval Importer Fixing VCID-mddv-hvgp-u3aa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:13:03.823529+00:00 Debian Oval Importer Fixing VCID-gajm-zb2s-ukgz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:27:13.387101+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:26:54.747435+00:00 Debian Oval Importer Fixing VCID-c3vm-d9f5-2kcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:56:31.698723+00:00 Debian Oval Importer Fixing VCID-12w2-ffkf-7bfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:20:31.842672+00:00 Debian Oval Importer Fixing VCID-55cd-r9yc-nfan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:22:26.802741+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-11T13:49:23.087493+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.3.0
2026-04-08T23:17:27.556134+00:00 Debian Oval Importer Fixing VCID-mddv-hvgp-u3aa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:54:13.624942+00:00 Debian Oval Importer Fixing VCID-gajm-zb2s-ukgz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:10:45.608791+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:10:27.448420+00:00 Debian Oval Importer Fixing VCID-c3vm-d9f5-2kcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:41:08.510690+00:00 Debian Oval Importer Fixing VCID-12w2-ffkf-7bfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:15:13.667210+00:00 Debian Oval Importer Fixing VCID-55cd-r9yc-nfan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T22:56:01.267160+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0
2026-04-07T22:24:40.834115+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 38.1.0