CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The component /rootfs in RageFile of Stepmania v5.1b2 and below allows attackers access to the entire file system. |
2Stepmania Xiph.org2Libvorbis StepmaniaNov 21, 2024 Dec 26, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. NOTE: this may overlap CVE-2018-5146. |