2.9 LOW
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
TagLib before 2.0 allows a segmentation violation and application crash …
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.
References
- https://github.com/taglib/taglib/issues/1163
- https://github.com/taglib/taglib/pull/1164
- https://github.com/taglib/taglib/compare/v1.13.1...v2.0
- https://github.com/taglib/taglib/commit/dfa33bec0806cbb45785accb8cc6c2048a7d40cf
- https://github.com/taglib/taglib/issues/1163 exploit
- https://github.com/taglib/taglib/issues/1163
- https://github.com/taglib/taglib/pull/1164
- https://github.com/taglib/taglib/compare/v1.13.1...v2.0
- https://github.com/taglib/taglib/commit/dfa33bec0806cbb45785accb8cc6c2048a7d40cf
- https://github.com/taglib/taglib/issues/1163 exploit
- https://lists.debian.org/debian-lts-announce/2026/01/msg00022.html
Affected products
- <2.0
Matching in nixpkgs
pkgs.taglib
Library for reading and editing audio file metadata
pkgs.taglib_1
Library for reading and editing audio file metadata
pkgs.taglib-sharp
Library for reading and writing metadata in media files
pkgs.taglib_extras
Additional taglib plugins
pkgs.kdePackages.taglib
Library for reading and editing audio file metadata
pkgs.ocamlPackages.taglib
Bindings for the taglib library which provides functions for reading tags in headers of audio files
pkgs.haskellPackages.taglib
Binding to TagLib (ID3 tag library)
pkgs.haskellPackages.htaglib
Bindings to TagLib, audio meta-data library
pkgs.rubyPackages.taglib-ruby
None
pkgs.python312Packages.pytaglib
Python bindings for the Taglib audio metadata library
pkgs.python313Packages.pytaglib
Python bindings for the Taglib audio metadata library
pkgs.rubyPackages_3_1.taglib-ruby
None
pkgs.rubyPackages_3_2.taglib-ruby
None
pkgs.rubyPackages_3_3.taglib-ruby
None
pkgs.rubyPackages_3_4.taglib-ruby
None
pkgs.rubyPackages_3_5.taglib-ruby
None
pkgs.chickenPackages_5.chickenEggs.taglib
Bindings to taglib
pkgs.tests.pkg-config.defaultPkgConfigPackages.taglib
Test whether taglib-2.0.2 exposes pkg-config modules taglib
pkgs.tests.pkg-config.defaultPkgConfigPackages.taglib_c
Test whether taglib-2.0.2 exposes pkg-config modules taglib_c
Package maintainers
-
@ttuegel Thomas Tuegel <ttuegel@mailbox.org>
-
@mrkkrp Mark Karpov <markkarpov92@gmail.com>
-
@D4ndellion Daniel Olsen <daniel@dodsorf.as>