Xiph - Speex CVE

Filtered by vendor Xiph Subscribe

Filtered by product Speex

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-23904	1 Xiph	1 Speex	2022-01-21	4.3 MEDIUM	5.5 MEDIUM
DISPUTED A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program."
CVE-2020-23903	2 Fedoraproject, Xiph	2 Fedora, Speex	2021-12-15	4.3 MEDIUM	5.5 MEDIUM
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

Vulnerabilities (CVE)