OpenMPT/openmpt

GitHub

github.com

openmpt.org

Releases425

Frequency3 weeks 1 day

Last Release 29 days ago

Stars745

Official read-only git mirror of the OpenMPT and libopenmpt subversion repository at https://source.openmpt.org/. This repository may occasionally get rebased without further notice when subversion revision properties (commit message) get fixed in recent history after the fact. Be sure to rebase often in case you clone or fork it.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-17113 ↗	Oct 4, 2019Friday, 4 October 2019, 00:15	9.8 CRITICAL	7.5 HIGH
In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow.
CVE-2018-10017 ↗	Apr 11, 2018Wednesday, 11 April 2018, 05:29	6.5 MEDIUM	4.3 MEDIUM
soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.
CVE-2018-6611 ↗	Feb 4, 2018Sunday, 4 February 2018, 12:29	8.8 HIGH	6.8 MEDIUM
soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.