EPSS
Percentile
53.5%
wavpack is vulnerable to denial of service. An out-of-bounds read in the read_new_config_info function in open_utils.c allows a remote attacker to cause a denial of service via a malicious WV file.
read_new_config_info
open_utils.c
www.openwall.com/lists/oss-security/2017/01/28/9
www.securityfocus.com/bid/95883
github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc
security-tracker.debian.org/tracker/CVE-2016-10172
sourceforge.net/p/wavpack/mailman/message/35561951/