suse · CVE-2018-19758

Quick triage

Priority: low Published: 2021-05-30 14:19:01 UTC Updated: 2026-03-05 06:36:12 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-19758 severity low: SUSE including 256 source package names (0.3.32-3.4:libsndfile1-1.0.28-5.12.1, 17:libsndfile1-1.0.28-5.12.1, …), 357 product×package rows across 74 product lines (Container containers/milvus, Container containers/open-webui, … (74 product lines)): Known Affected 231, Fixed 126.

Description:

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

cvelogic Threat Intelligence