彙總 openmpt 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 緩衝區溢位與記憶體損壞 等問題,部分漏洞可能導致 應用程式崩潰,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2019-17113 | In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow. | [email protected] | 9.8 | 2.68% | 2019-10-03 | 2026-06-16 |
| CVE-2019-14383 | J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. | [email protected] | 6.5 | 1.34% | 2019-07-30 | 2026-06-16 |
| CVE-2019-14382 | DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. | [email protected] | 6.5 | 1.22% | 2019-07-30 | 2026-06-16 |
| CVE-2019-14380 | libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. | [email protected] | 6.5 | 0.94% | 2019-07-30 | 2026-06-16 |
| CVE-2018-20861 | libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files. | [email protected] | 6.5 | 1.14% | 2019-07-30 | 2026-06-16 |
| CVE-2018-20860 | libopenmpt before 0.3.13 allows a crash with malformed MED files. | [email protected] | 6.5 | 1.34% | 2019-07-30 | 2026-06-16 |
| CVE-2019-14381 | libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot. | [email protected] | 7.5 | 1.41% | 2019-07-30 | 2026-06-16 |
| CVE-2018-11710 | soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation. | [email protected] | 8.8 | 2.07% | 2018-06-04 | 2026-06-16 |
| CVE-2018-10017 | soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops. | [email protected] | 6.5 | 2.15% | 2018-04-11 | 2026-06-16 |
| CVE-2018-6611 | soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file. | [email protected] | 8.8 | 1.34% | 2018-02-04 | 2026-06-16 |
| CVE-2017-11311 | soundlib/Load_psm.cpp in OpenMPT through 1.26.12.00 and libopenmpt before 0.2.8461-beta26 has a heap buffer overflow with the potential for arbitrary code execution via a crafted PSM File that triggers use of the same sample slot for two samples. | [email protected] | 7.8 | 1.68% | 2017-07-17 | 2026-06-16 |