Vulnerabilities > Wavpack

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-44269 Out-of-bounds Read vulnerability in multiple products
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files.
4.3
2020-12-28 CVE-2020-35738 Out-of-bounds Write vulnerability in multiple products
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.
5.8
2019-07-11 CVE-2019-1010319 Use of Uninitialized Resource vulnerability in multiple products
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable.
4.3
2019-07-11 CVE-2019-1010317 Use of Uninitialized Resource vulnerability in multiple products
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable.
4.3
2019-07-11 CVE-2019-1010315 Divide By Zero vulnerability in Wavpack
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero.
network
wavpack CWE-369
4.3
2019-04-24 CVE-2019-11498 Access of Uninitialized Pointer vulnerability in multiple products
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
4.3
2018-12-04 CVE-2018-19841 Out-of-bounds Read vulnerability in multiple products
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
4.3
2018-12-04 CVE-2018-19840 Infinite Loop vulnerability in multiple products
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
4.3
2018-04-29 CVE-2018-10540 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in WavPack 5.1.0 and earlier for W64 input.
4.3
2018-04-29 CVE-2018-10539 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input.
4.3