4.60.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-11	CVE-2019-1010319	Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. local low complexity wavpack fedoraproject canonical debian CWE-908	5.5
2019-07-11	CVE-2019-1010317	Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. local low complexity wavpack fedoraproject canonical debian CWE-908	5.5
2019-07-11	CVE-2019-1010315	Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. local low complexity wavpack fedoraproject debian canonical CWE-369	5.5
2019-04-24	CVE-2019-11498	Access of Uninitialized Pointer vulnerability in multiple products WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. network low complexity wavpack canonical fedoraproject debian CWE-824	6.5
2018-12-04	CVE-2018-19841	Out-of-bounds Read vulnerability in multiple products The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. local low complexity wavpack canonical fedoraproject opensuse debian CWE-125	5.5
2018-12-04	CVE-2018-19840	Infinite Loop vulnerability in multiple products The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. local low complexity wavpack canonical fedoraproject opensuse CWE-835	5.5
2018-04-29	CVE-2018-10540	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for W64 input. local low complexity wavpack debian CWE-787	5.5
2018-04-29	CVE-2018-10539	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. local low complexity wavpack debian CWE-787	5.5
2018-04-29	CVE-2018-10538	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for WAV input. local low complexity wavpack debian CWE-787	5.5
2018-04-29	CVE-2018-10537	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier. local low complexity wavpack debian CWE-119	7.8