Vulnerabilities > Stepmania

DATE CVE VULNERABILITY TITLE RISK
2022-03-01 CVE-2022-25010 Incorrect Permission Assignment for Critical Resource vulnerability in Stepmania 5.0.12/5.1.0
The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the entire file system.
network
low complexity
stepmania CWE-732
critical
9.1
2020-12-26 CVE-2020-20412 Improper Validation of Array Index vulnerability in multiple products
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file.
network
low complexity
xiph-org stepmania CWE-129
6.5