EPSS
Percentile
75.4%
sox is vulnerable to denial of service (DoS). The vulnerability exists in the startread function in wav.c, allowing a malicious user to crash the application via a crafted wav file.
startread
wav.c
seclists.org/fulldisclosure/2017/Jul/81
lists.debian.org/debian-lts-announce/2017/11/msg00043.html
lists.debian.org/debian-lts-announce/2019/03/msg00007.html
security-tracker.debian.org/tracker/CVE-2017-11332
security.gentoo.org/glsa/201810-02
www.exploit-db.com/exploits/42398/