Search for packages
| purl | pkg:deb/debian/libvorbis@1.3.4-2%2Bdeb8u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-125v-6567-aaam
Aliases: CVE-2018-5146 |
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-1n2s-g3w5-aaak
Aliases: CVE-2017-11333 |
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file. |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-24pt-1dej-aaak
Aliases: CVE-2017-14632 |
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-5qxt-rvzs-aaan
Aliases: CVE-2017-14160 |
The bark_noise_hybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (out-of-bounds access and application crash) or possibly have unspecified other impact via a crafted mp4 file. |
Affected by 0 other vulnerabilities. |
|
VCID-h9pz-jgxg-aaak
Aliases: CVE-2018-10393 |
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. |
Affected by 0 other vulnerabilities. |
|
VCID-k1vq-z733-aaak
Aliases: CVE-2017-14633 |
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). |
Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-z8nu-tk5t-aaag
Aliases: CVE-2018-10392 |
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-125v-6567-aaam | An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. |
CVE-2018-5146
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T19:17:18.444958+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T16:30:58.313581+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:53:31.337448+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:57:02.518871+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:37:05.016005+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:10:42.104481+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:14:38.178569+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:04:48.280178+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:04:07.016215+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:58:07.912306+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:24:44.200176+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:18:29.475719+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T09:53:01.814337+00:00 | Debian Oval Importer | Fixing | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T00:43:35.368463+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | None | 36.1.3 |
| 2025-06-21T00:05:52.884838+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | None | 36.1.3 |
| 2025-06-21T00:04:10.780721+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | None | 36.1.3 |
| 2025-06-20T22:59:49.493315+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | None | 36.1.3 |
| 2025-06-20T21:03:04.685681+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | None | 36.1.3 |
| 2025-06-20T20:03:56.473537+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | None | 36.1.3 |
| 2025-06-20T19:55:11.418021+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | None | 36.1.3 |
| 2025-06-20T19:51:53.393677+00:00 | Debian Oval Importer | Fixing | VCID-125v-6567-aaam | None | 36.1.3 |
| 2025-06-08T13:02:01.297574+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:46:48.683394+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:43:34.679637+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T12:43:08.857674+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:46:06.454323+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:16:47.638756+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:46:48.090332+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:50:21.342205+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:30:11.761882+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:05:28.155690+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:19:32.456705+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:12:45.182146+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:34:09.477741+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:31:01.535914+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:10:36.572968+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:06:03.987562+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T03:41:44.154551+00:00 | Debian Oval Importer | Fixing | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:06:08.099779+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | None | 36.1.0 |
| 2025-06-07T17:28:39.519694+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | None | 36.1.0 |
| 2025-06-07T17:26:58.771326+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | None | 36.1.0 |
| 2025-06-07T16:23:01.122151+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | None | 36.1.0 |
| 2025-06-07T14:29:37.652461+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | None | 36.1.0 |
| 2025-06-07T13:51:28.990280+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | None | 36.1.0 |
| 2025-06-07T13:45:27.037880+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | None | 36.1.0 |
| 2025-06-07T13:43:19.427573+00:00 | Debian Oval Importer | Fixing | VCID-125v-6567-aaam | None | 36.1.0 |
| 2025-04-12T22:27:36.089181+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:48:05.035587+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:49:28.197976+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:33:43.168988+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:30:25.857172+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:29:58.813399+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:30:58.717897+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T07:48:53.380391+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:18:21.946017+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:22:48.324937+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:03:00.193243+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:37:30.499376+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:50:33.143345+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:43:43.453142+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:04:42.309434+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T03:01:24.024727+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:39:32.535083+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:34:34.389431+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:09:33.546005+00:00 | Debian Oval Importer | Fixing | VCID-125v-6567-aaam | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T16:43:16.923920+00:00 | Debian Oval Importer | Affected by | VCID-5qxt-rvzs-aaan | None | 36.0.0 |
| 2025-04-07T16:03:07.299875+00:00 | Debian Oval Importer | Affected by | VCID-1n2s-g3w5-aaak | None | 36.0.0 |
| 2025-04-07T16:01:21.464128+00:00 | Debian Oval Importer | Affected by | VCID-z8nu-tk5t-aaag | None | 36.0.0 |
| 2025-04-07T14:54:49.019676+00:00 | Debian Oval Importer | Affected by | VCID-k1vq-z733-aaak | None | 36.0.0 |
| 2025-04-07T13:01:51.689662+00:00 | Debian Oval Importer | Affected by | VCID-h9pz-jgxg-aaak | None | 36.0.0 |
| 2025-04-07T12:26:23.949006+00:00 | Debian Oval Importer | Affected by | VCID-125v-6567-aaam | None | 36.0.0 |
| 2025-04-07T12:20:41.239471+00:00 | Debian Oval Importer | Affected by | VCID-24pt-1dej-aaak | None | 36.0.0 |
| 2025-04-07T12:18:36.867168+00:00 | Debian Oval Importer | Fixing | VCID-125v-6567-aaam | None | 36.0.0 |