EPSS Percentile: 51.1%
sox is vulnerable to denial of service. A reachable assertion abort in the function sox_append_comment() in formats.c allows an attacker to crash the application via a malicious audio file.
bugzilla.redhat.com/show_bug.cgi?id=1500570
lists.debian.org/debian-lts-announce/2017/11/msg00043.html
lists.debian.org/debian-lts-announce/2019/03/msg00007.html
security-tracker.debian.org/tracker/CVE-2017-15371
security.gentoo.org/glsa/201810-02