{"id":"CVE-2024-50612","details":"libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.","modified":"2026-03-12T13:39:16.901505Z","published":"2024-10-27T22:15:03.613Z","related":["ALSA-2024:11192","ALSA-2024:11237","MGASA-2024-0373","openSUSE-SU-2024:14532-1"],"references":[{"type":"EVIDENCE","url":"https://github.com/libsndfile/libsndfile/issues/1035"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/erikd/libsndfile","events":[{"introduced":"0"},{"last_affected":"72f6af15e8f85157bd622ed45b979025828b7001"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.2.2"}]}}],"versions":["1.0.25","1.0.26","1.0.27","1.0.28","1.0.31","1.1.0","1.1.0beta1","1.1.0beta2","1.2.0","1.2.1","1.2.2","v1.0.29","v1.0.30"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50612.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}