Search for packages
| purl | pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1 |
| Next non-vulnerable version | 1.2.1+git20180316-3 |
| Latest non-vulnerable version | 1.2.1+git20180316-3 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-vzuz-bdgn-4baa
Aliases: CVE-2018-5147 |
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-vzuz-bdgn-4baa | The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source. |
CVE-2018-5147
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T15:41:11.588745+00:00 | Debian Oval Importer | Affected by | VCID-vzuz-bdgn-4baa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T11:05:06.745177+00:00 | Debian Oval Importer | Fixing | VCID-vzuz-bdgn-4baa | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 37.0.0 |