9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.042 Low
EPSS
Percentile
92.3%
The RedHat Project reports:
Will Drewry of the Google Security Team reported multiple
issues in OGG Vorbis and Tremor libraries, that could cause
application using those libraries to crash (NULL pointer
dereference or divide by zero), enter an infinite loop or
cause heap overflow caused by integer overflow.