Xiph.Org · Libvorbis · CVE-2020-20412
**Name of the Vulnerable Software and Affected Versions**
libvorbis versions prior to 1.3.6
StepMania version 5.0.12
**Description**
The issue is related to insufficient array bounds checking in libvorbis, which can be exploited via a crafted OGG file. This affects products using libvorbis, including StepMania.
**Recommendations**
For libvorbis versions prior to 1.3.6, update to version 1.3.6 or later to resolve the issue.
For StepMania version 5.0.12, consider updating to a version that uses an updated libvorbis library, or apply any available patches from the vendor.
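Because products such as StepMania can ship their own copy of libvorbis, the system package version does not tell you what a given binary actually contains. The following is an added example, not code from Xiph.Org or the StepMania project: it scans a binary's bytes for the libvorbis vendor string and compares the embedded version against 1.3.6. It assumes the build retains the `Xiph.Org libVorbis X.Y.Z` string; the function names and sample bytes are constructed for illustration.

```python
import re
import sys

FIXED = (1, 3, 6)  # first fixed release, per the recommendation above

# Assumption: the build keeps libvorbis's general vendor string as a plain
# byte literal, e.g. b"Xiph.Org libVorbis 1.3.5". The encoder vendor string
# ("Xiph.Org libVorbis I <date>") carries no x.y.z version and is not matched.
VENDOR_RE = re.compile(rb"Xiph\.Org libVorbis (\d+)\.(\d+)\.(\d+)")

# Constructed sample: a fake binary image that embeds both strings.
SAMPLE_OLD = (b"\x7fELF\x00\x00Xiph.Org libVorbis I 20150105\x00"
              b"\x00Xiph.Org libVorbis 1.3.5\x00\x00")


def embedded_versions(blob: bytes) -> set:
    """Return every libvorbis (major, minor, patch) tuple found in blob."""
    return {tuple(int(p) for p in m.groups())
            for m in VENDOR_RE.finditer(blob)}


def assess(blob: bytes) -> str:
    """Classify a binary image as 'affected', 'fixed' or 'unknown'."""
    versions = embedded_versions(blob)
    if not versions:
        # Stripped string, dynamic linking, or no libvorbis at all:
        # absence of the marker is not evidence of a fixed build.
        return "unknown"
    # A product can bundle several copies; one old copy is enough to flag it.
    return "affected" if min(versions) < FIXED else "fixed"


if __name__ == "__main__":
    # Usage: python check_libvorbis.py <binary-or-library> [...]
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(f"{path}: {assess(fh.read())}")
```

An `unknown` result means the binary needs another check, such as the vendor's release notes or the linked shared library, rather than being treated as fixed.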