CVE-2022-33065: Integer Overflow or Wraparound

July 18, 2023 (updated August 2, 2023)

Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.

References

github.com/libsndfile/libsndfile/issues/789
github.com/libsndfile/libsndfile/issues/833
nvd.nist.gov/vuln/detail/CVE-2022-33065

Detect and mitigate CVE-2022-33065 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →