Trougnouf

**Name of the Vulnerable Software and Affected Versions** Clementine Music Player version 1.3.1 **Description** A user mode write access violation occurs due to a NULL pointer dereference in the `Init` call in the `MoodbarPipeline::NewPadCallback` function. This issue is triggered when a user opens a malformed mp3 file. **Recommendations** For version 1.3.1, consider avoiding the use of the `MoodbarPipeline::NewPadCallback` function until a patch is available. As a temporary workaround, refrain from opening malformed mp3 files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.