VulnerableCode Package Details - pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn14261-1

Search for packages

Package details: pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn14261-1

Essentials
History (13)

purl	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn14261-1

Next non-vulnerable version	1.2.1+git20180316-3
Latest non-vulnerable version	1.2.1+git20180316-3
Risk	4.5

Vulnerabilities affecting this package (11)

Vulnerability	Summary	Fixed by
VCID-3hj9-b58e-ckh4 Aliases: CVE-2008-1419		1.0.2+svn18153-0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-8puv-bmxh-a7d5 Aliases: CVE-2007-4065	Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)	1.0.2+svn16259-2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-amvs-eaha-wfgj Aliases: CVE-2007-3106		1.0.2+svn16259-2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ax5p-runb-3ba4 Aliases: CVE-2008-1423		1.0.2+svn18153-0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-gmrh-s795-8feh Aliases: CVE-2007-4066	Multiple libvorbis flaws (CVE-2007-4066, CVE-2007-4029)	1.0.2+svn16259-2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-jwvr-ax6v-nbf4 Aliases: CVE-2012-0444	Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution.	1.0.2+svn18153-0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-qvmd-t5nf-dkb5 Aliases: CVE-2007-4029		1.0.2+svn16259-2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vzuz-bdgn-4baa Aliases: CVE-2018-5147	The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source.	1.0.2+svn18153-1~deb8u2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.0.2+svn18153-1+deb9u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 1.2.1+git20180316-3 Affected by 0 other vulnerabilities.
VCID-wdyw-kubz-t3dv Aliases: CVE-2009-2663	Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected.	1.0.2+svn16259-2 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-xb2c-r22q-dkgc Aliases: CVE-2009-3379	Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected.	1.0.2+svn18153-0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-xwju-wywk-6qbx Aliases: CVE-2008-2009		1.0.2+svn18153-0.2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T19:34:22.524366+00:00	Debian Oval Importer	Affected by	VCID-wdyw-kubz-t3dv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T19:26:57.134136+00:00	Debian Oval Importer	Affected by	VCID-ax5p-runb-3ba4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T16:21:17.676101+00:00	Debian Oval Importer	Affected by	VCID-jwvr-ax6v-nbf4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:41:11.571136+00:00	Debian Oval Importer	Affected by	VCID-vzuz-bdgn-4baa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:40:53.305075+00:00	Debian Oval Importer	Affected by	VCID-3hj9-b58e-ckh4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:13:44.797006+00:00	Debian Oval Importer	Affected by	VCID-xwju-wywk-6qbx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T15:11:49.495666+00:00	Debian Oval Importer	Affected by	VCID-gmrh-s795-8feh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:49:03.300353+00:00	Debian Oval Importer	Affected by	VCID-8puv-bmxh-a7d5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:29:00.000715+00:00	Debian Oval Importer	Affected by	VCID-qvmd-t5nf-dkb5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:05:09.134063+00:00	Debian Oval Importer	Affected by	VCID-amvs-eaha-wfgj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T12:03:34.933079+00:00	Debian Oval Importer	Affected by	VCID-xb2c-r22q-dkgc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-08-01T11:05:06.724625+00:00	Debian Oval Importer	Affected by	VCID-vzuz-bdgn-4baa	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	37.0.0
2025-08-01T10:31:42.349396+00:00	Debian Oval Importer	Affected by	VCID-vzuz-bdgn-4baa	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	37.0.0