{"id":"CVE-2022-47021","details":"A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows attackers to cause denial of service or other unspecified impacts.","modified":"2026-04-16T04:35:51.353285208Z","published":"2023-01-20T19:15:17.550Z","related":["openSUSE-SU-2024:0013-1","openSUSE-SU-2024:12799-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ODIA6QRIRBNF2HRXOE5VCZ2AFP4ZB4R/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4LIKBLOE433RA44YTYUZLED4IOWJG5DV/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ED4CWLBR2WQ2IXXTHZ24UYZBRNCLMJXH/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYPAQANM2ZNPXRBFOS5NFXNJ7O4Q3OBD/"},{"type":"FIX","url":"https://github.com/xiph/opusfile/issues/36"},{"type":"FIX","url":"https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xiph/opusfile","events":[{"introduced":"2c239ebc90d6c105c52b266ad4664a76a4cc2261"},{"last_affected":"a55c164e9891a9326188b7d4d216ec9a88373739"},{"fixed":"0a4cd796df5b030cb866f3f4a5e41a4b92caddf5"}],"database_specific":{"versions":[{"introduced":"0.9"},{"last_affected":"0.12"}]}}],"versions":["v0.10","v0.11","v0.12","v0.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-47021.json","vanir_signatures":[{"digest":{"line_hashes":["130767672307147289407420356559775706029","13317614848687912484193478925602636191","144553095702598871125400013378138582395","200013815770376048462406562066036482636","139408764762257582073874266626380380189","269018161722186257905673236517628259590","128948526805784082996200560188643188646","20540233520340268411095201284128365705"],"threshold":0.9},"target":{"file":"src/opusfile.c"},"source":"https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5","deprecated":false,"signature_type":"Line","id":"CVE-2022-47021-16c8be16","signature_version":"v1"},{"digest":{"length":369,"function_hash":"303514918919810935869497108359724706223"},"target":{"file":"src/opusfile.c","function":"op_get_data"},"source":"https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5","deprecated":false,"id":"CVE-2022-47021-3d679de0","signature_type":"Function","signature_version":"v1"},{"deprecated":false,"target":{"file":"src/opusfile.c","function":"op_open1"},"source":"https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5","signature_type":"Function","id":"CVE-2022-47021-491ab479","digest":{"length":1831,"function_hash":"168853061540030313505212027813007375267"},"signature_version":"v1"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"37"}]}],"vanir_signatures_modified":"2026-04-11T23:22:42Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}