CVE-2018-10536

Published April 29th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.

dbry/WavPack

WavPack encode/decode library, command-line programs, and several plugins

GitHub

462