PT-2025-19406 · Crates.Io · Mp3-Metadata
Published
2025-04-30
·
Updated
2025-04-30
CVSS v4.0
5.4
Medium
| Vector | AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P |
The
get id3() methods used by mp3 metadata::read from slice() does not perform adequate bounds checking when recreating the tag due to the use of desynchronization.Fixed in Fix index error, released as part of 0.4.0.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mp3-Metadata