View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-7253 medium priority: Ubuntu including 1 source packages (wavpack), 4 status rows across 4 suites (artful, trusty, upstream, xenial): DNE 1, needs-triage 1, not-affected 1, released 1.
The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file.