{"id":"CVE-2023-43361","details":"Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.","modified":"2026-04-02T09:23:40.093702Z","published":"2023-10-02T21:15:34.520Z","related":["ALSA-2024:3095","MGASA-2023-0316","SUSE-SU-2023:4218-1","SUSE-SU-2023:4251-1","openSUSE-SU-2024:13349-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GJKTWQXOZDMCXVEFCQZVH3F3FQYMNYLI/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T47YXGRUCUKN7WEOHUEIUNJ2KZ2C2IDN/"},{"type":"ADVISORY","url":"https://xiph.org/vorbis/"},{"type":"REPORT","url":"https://github.com/xiph/vorbis-tools/issues/41"},{"type":"PACKAGE","url":"https://github.com/xiph/vorbis"},{"type":"PACKAGE","url":"https://github.com/xiph/vorbis-tools"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/xiph/vorbis-tools","events":[{"introduced":"0"},{"last_affected":"71687237c07cd9d5564c73990d0de45520c5bec1"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.4.2"}]}}],"versions":["v1.4.1","v1.4.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-43361.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}