Search for packages
Package details: pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.2
purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.2
Next non-vulnerable version 1.2.1+git20180316-3
Latest non-vulnerable version 1.2.1+git20180316-3
Risk 4.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-gn8c-rxsu-aaac
Aliases:
CVE-2018-5147
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
1.0.2+svn18153-1~deb8u2
Affected by 1 other vulnerability.
1.0.2+svn18153-1+deb9u1
Affected by 1 other vulnerability.
1.2.1+git20180316-3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-7emd-hfgr-aaac Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. CVE-2009-3379
VCID-7uv1-rx7q-aaac Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. CVE-2008-1419
VCID-hxm6-d9t8-aaaq Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. CVE-2008-1423
VCID-mt2s-z5qu-aaas Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function. CVE-2008-2009
VCID-rru1-3cfp-aaah Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. CVE-2012-0444

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:17:02.823432+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:48:54.562699+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:19:21.674855+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:32:04.223317+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:25:15.215124+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:24:17.801720+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:43:36.131551+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T10:59:04.112664+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 36.1.3
2025-06-21T10:09:36.913079+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T00:47:20.669840+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas None 36.1.3
2025-06-20T23:36:22.786430+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac None 36.1.3
2025-06-20T22:51:23.126944+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac None 36.1.3
2025-06-20T22:32:36.077875+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah None 36.1.3
2025-06-20T20:40:16.113312+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq None 36.1.3
2025-06-20T19:41:37.329421+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac None 36.1.3
2025-06-08T13:05:34.794451+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:48:09.055517+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:21:53.059751+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T10:00:29.285248+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:17:52.077614+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:11:13.013627+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:18:50.263936+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:37:46.802198+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:31:40.231583+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 36.1.0
2025-06-08T03:58:42.922902+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-07T18:09:50.498851+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas None 36.1.0
2025-06-07T16:59:18.673214+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac None 36.1.0
2025-06-07T16:14:49.376104+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac None 36.1.0
2025-06-07T15:56:39.874985+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah None 36.1.0
2025-06-07T14:12:15.521365+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq None 36.1.0
2025-06-07T13:35:06.195625+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac None 36.1.0
2025-04-12T22:03:13.584926+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:43:44.574678+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:13:55.889599+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:13:43.653556+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:53:06.806410+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:30:18.153132+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:02:51.499385+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:32:45.599041+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:49:58.228115+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:43:05.027833+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:50:11.454126+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:10:11.036514+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:02:03.211615+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 36.0.0
2025-04-08T02:26:50.809969+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-07T16:47:06.881465+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas None 36.0.0
2025-04-07T15:32:29.194997+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac None 36.0.0
2025-04-07T14:46:18.297850+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac None 36.0.0
2025-04-07T14:27:41.128116+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah None 36.0.0
2025-04-07T12:45:26.533975+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq None 36.0.0
2025-04-07T12:10:31.594765+00:00 Debian Oval Importer Affected by VCID-gn8c-rxsu-aaac None 36.0.0
2024-11-28T18:38:57.532833+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T07:30:43.848279+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T15:17:18.509966+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T13:53:57.329904+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T13:50:02.890436+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-14T04:04:58.778741+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T03:40:55.885389+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T16:45:40.830155+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T15:49:52.368691+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T15:47:18.671813+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-21T05:49:35.758138+00:00 Debian Oval Importer Fixing VCID-rru1-3cfp-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:58:33.169002+00:00 Debian Oval Importer Fixing VCID-7emd-hfgr-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T16:12:24.985509+00:00 Debian Oval Importer Fixing VCID-mt2s-z5qu-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T15:54:39.830584+00:00 Debian Oval Importer Fixing VCID-hxm6-d9t8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T15:53:47.203386+00:00 Debian Oval Importer Fixing VCID-7uv1-rx7q-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1