Product:

Libopenmpt

(Openmpt)
Repositories https://github.com/OpenMPT/openmpt
#Vulnerabilities 11
Date Id Summary Products Score Patch Annotated
2019-07-30 CVE-2018-20860 libopenmpt before 0.3.13 allows a crash with malformed MED files. Libopenmpt, Leap 6.5
2019-07-30 CVE-2019-14380 libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files. Debian_linux, Libopenmpt 6.5
2019-07-30 CVE-2019-14383 J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Libopenmpt, Leap 6.5
2019-07-30 CVE-2019-14382 DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs. Libopenmpt 6.5
2018-02-04 CVE-2018-6611 soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file. Libopenmpt, Openmpt 8.8
2018-04-11 CVE-2018-10017 soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops. Libopenmpt, Openmpt 6.5
2019-10-04 CVE-2019-17113 In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_InstrumentName and ModPlug_SampleName in libopenmpt_modplug.c do not restrict the lengths of libmodplug output-buffer strings in the C API, leading to a buffer overflow. Libopenmpt N/A
2019-07-30 CVE-2018-20861 libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files. Libopenmpt 6.5
2019-07-30 CVE-2019-14381 libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento from an OPL instrument to an empty instrument note map slot. Libopenmpt 7.5
2018-06-04 CVE-2018-11710 soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation. Libopenmpt 8.8