View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2019-11372 low priority: Debian including 1 source packages (libmediainfo), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.