Jump to:

CVE-2023-47466

Jump to:

CVE-2023-47466

Package libtag updated to version 1.13.1-alt5 for branch p11 in task 392863.

Published: 2025-05-22
Modified: 2025-07-02

CVE-2023-47466

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

Severity: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

References:

https://github.com/taglib/taglib/commit/dfa33bec0806cbb45785accb8cc6c2048a7d40cf
https://github.com/taglib/taglib/compare/v1.13.1...v2.0
https://github.com/taglib/taglib/issues/1163
https://github.com/taglib/taglib/pull/1164
https://github.com/taglib/taglib/issues/1163

Version: 2.1.2

Package libtag update in p11 on 2025-08-26

ALT-PU-2025-10678-2

Closed vulnerabilities

CVE-2023-47466