Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:rpm/redhat/libcdio@0.92-3?arch=el7
purl pkg:rpm/redhat/libcdio@0.92-3?arch=el7
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-dg5y-yvm7-e7da
Aliases:
CVE-2017-18199
libcdio: NULL pointer dereference in realloc_symlink in rock.c There are no reported fixed by versions.
VCID-nrrj-b1g3-s3fx
Aliases:
CVE-2017-18201
libcdio: Double free in get_cdtext_generic() in lib/driver/_cdio_generic.c There are no reported fixed by versions.
VCID-qhhk-9n8e-h3fv
Aliases:
CVE-2017-18198
libcdio: Heap-based buffer over-read in print_iso9660_recurse function in iso-info.c There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T14:25:57.911131+00:00 RedHat Importer Affected by VCID-nrrj-b1g3-s3fx https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18201.json 38.0.0
2026-04-01T14:25:57.893729+00:00 RedHat Importer Affected by VCID-dg5y-yvm7-e7da https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18199.json 38.0.0
2026-04-01T14:25:57.876897+00:00 RedHat Importer Affected by VCID-qhhk-9n8e-h3fv https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18198.json 38.0.0