Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1
purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1
Next non-vulnerable version 1.2.1+git20180316-3
Latest non-vulnerable version 1.2.1+git20180316-3
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-bxdr-5t7k-rbdn
Aliases:
CVE-2018-5147
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source.
1.2.1+git20180316-3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-bxdr-5t7k-rbdn The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source. CVE-2018-5147

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T19:44:47.279546+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T14:34:09.378183+00:00 Debian Oval Importer Fixing VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.4.0
2026-04-11T19:27:13.395170+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T14:22:26.810272+00:00 Debian Oval Importer Fixing VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.3.0
2026-04-08T19:10:45.618669+00:00 Debian Oval Importer Affected by VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-07T22:56:01.276840+00:00 Debian Oval Importer Fixing VCID-bxdr-5t7k-rbdn https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.1.0