EPSS Percentile: 70.4%
sox is vulnerable to a heap-based buffer overflow. The vulnerability exists in the start_read() function in sphere.c and can be triggered by a specially crafted file.
www.openwall.com/lists/oss-security/2023/02/03/3
lists.debian.org/debian-lts-announce/2023/02/msg00009.html
secdb.alpinelinux.org/edge/community.yaml
talosintelligence.com/vulnerability_reports/TALOS-2021-1434
www.debian.org/security/2023/dsa-5356