CVE-2020-23903

A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

Database specific

{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "34"
                },
                {
                    "last_affected": "35"
                }
            ],
            "cpes": [
                "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*"
            ],
            "vendor_product": "fedoraproject:fedora",
            "source": "CPE_STRING"
        }
    ]
}

References

Affected packages

Git / github.com/xiph/speex

Affected ranges

Type

GIT

Repo

https://github.com/xiph/speex

Events

Introduced

Last affected

7fc5f8b88519a2aafdf4b6a5c31ef3d54b560d68

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.2-NA"
        }
    ],
    "cpe": "cpe:2.3:a:xiph:speex:1.2:-:*:*:*:*:*:*",
    "source": "CPE_STRING"
}

Affected versions

Other

Initial

Speex-0.*

Speex-0.0.1

Speex-0.0.2

Speex-0.0.3

Speex-0.1.0

Speex-0.1.1

Speex-0.1.2

Speex-0.2.0

Speex-0.3.0

Speex-0.4.0

Speex-0.5.0

Speex-0.8

Speex-1.*

Speex-1.0

Speex-1.0beta1

Speex-1.0beta2

Speex-1.0beta3

Speex-1.0beta4

Speex-1.0rc1

Speex-1.0rc2

Speex-1.0rc3

Speex-1.1

Speex-1.1.10

Speex-1.1.11

Speex-1.1.11.1

Speex-1.1.12

Speex-1.1.2

Speex-1.1.3

Speex-1.1.4

Speex-1.1.5

Speex-1.1.6

Speex-1.1.7

Speex-1.1.8

Speex-1.1.9

Speex-1.2.0

Speex-1.2beta1

Speex-1.2beta2

Speex-1.2beta3

Speex-1.2beta3.1

Speex-1.2beta3.2

Speex-1.2rc1

Speex-1.2rc2

speex-1.*

speex-1.2beta2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-23903.json"