Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Null pointer dereference in vorbis_deinit in stb_vorbis
Vulnerability Description
stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, the `f->comment_list` is set to `NULL`, but `f->comment_list_length` is not reset. Later in `vorbis_deinit` it tries to dereference the `NULL` pointer. This issue may lead to denial of service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
空指针解引用
Vulnerability Title
stb_vorbis 代码问题漏洞
Vulnerability Description
stb_vorbis是一款开源的用于解码ogg vorbis文件的音频解码器。 stb_vorbis 存在安全漏洞,该漏洞源于精心设计的文件可能会触发“start_decoder”中的内存分配失败。
CVSS Information
N/A
Vulnerability Type
N/A