Search for packages
Package details: pkg:deb/debian/libvorbis@1.3.4-2%2Bdeb8u1
purl pkg:deb/debian/libvorbis@1.3.4-2%2Bdeb8u1
Next non-vulnerable version 1.3.6-2
Latest non-vulnerable version 1.3.6-2
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-28vq-2q8e-ykcc
Aliases:
CVE-2018-10393
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
1.3.6-2
Affected by 0 other vulnerabilities.
VCID-6esn-a37s-9yfk
Aliases:
CVE-2017-11333
security update
1.3.5-4+deb9u2
Affected by 7 other vulnerabilities.
1.3.6-2
Affected by 0 other vulnerabilities.
VCID-cfj9-8yvv-wbhj
Aliases:
CVE-2018-10392
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
1.3.6-2
Affected by 0 other vulnerabilities.
VCID-hfum-jn9c-b7a5
Aliases:
CVE-2017-14633
1.3.5-4+deb9u2
Affected by 7 other vulnerabilities.
1.3.6-2
Affected by 0 other vulnerabilities.
VCID-jcag-bxq7-9qhu
Aliases:
CVE-2018-5146
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest.
1.3.5-4+deb9u2
Affected by 7 other vulnerabilities.
1.3.6-2
Affected by 0 other vulnerabilities.
VCID-qh9t-8bch-quac
Aliases:
CVE-2017-14632
1.3.5-4+deb9u2
Affected by 7 other vulnerabilities.
1.3.6-2
Affected by 0 other vulnerabilities.
VCID-sed4-3epn-mfch
Aliases:
CVE-2017-14160
1.3.6-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-jcag-bxq7-9qhu An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. CVE-2018-5146

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T19:59:51.964145+00:00 Debian Oval Importer Affected by VCID-qh9t-8bch-quac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:46:08.696643+00:00 Debian Oval Importer Affected by VCID-sed4-3epn-mfch https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:08:50.964850+00:00 Debian Oval Importer Affected by VCID-cfj9-8yvv-wbhj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:47:58.609509+00:00 Debian Oval Importer Affected by VCID-hfum-jn9c-b7a5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:43:35.428821+00:00 Debian Oval Importer Affected by VCID-6esn-a37s-9yfk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:43:01.051015+00:00 Debian Oval Importer Affected by VCID-28vq-2q8e-ykcc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:23:46.078768+00:00 Debian Oval Importer Affected by VCID-jcag-bxq7-9qhu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:07:37.291039+00:00 Debian Oval Importer Affected by VCID-jcag-bxq7-9qhu https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 37.0.0
2025-08-01T11:04:29.906793+00:00 Debian Oval Importer Affected by VCID-qh9t-8bch-quac https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 37.0.0
2025-08-01T10:43:51.972961+00:00 Debian Oval Importer Affected by VCID-6esn-a37s-9yfk https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 37.0.0
2025-08-01T10:39:08.811274+00:00 Debian Oval Importer Affected by VCID-hfum-jn9c-b7a5 https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 37.0.0
2025-08-01T10:14:56.511696+00:00 Debian Oval Importer Fixing VCID-jcag-bxq7-9qhu https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 37.0.0