Vulnerabilities > Xiph ORG > Libvorbis > 1.3.4

DATE CVE VULNERABILITY TITLE RISK
2020-12-26 CVE-2020-20412 Improper Validation of Array Index vulnerability in multiple products
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file.
network
low complexity
xiph-org stepmania CWE-129
6.5