14 lines
1.0 KiB
JSON
14 lines
1.0 KiB
JSON
{
|
|
"id": "openEuler-SA-2023-1062",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1062",
|
|
"title": "An update for opusfile is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1",
|
|
"severity": "Important",
|
|
"description": "The opusfile library provides seeking, decode, and playback of Opus streams in the Ogg container (.opus files) including over http(s) on posix and windows systems. opusfile depends on libopus and libogg.The included opusurl library for http(s) access depends on opusfile and openssl.\r\n\r\nSecurity Fix(es):\r\n\r\nA null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.(CVE-2022-47021)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-47021",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47021",
|
|
"severity": "Important"
|
|
}
|
|
]
|
|
} |