taglib CVE Vulnerabilities & Metrics

Focus on taglib vulnerabilities and metrics.

Last updated: 08 Jul 2025, 22:25 UTC

About taglib Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with taglib. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total taglib CVEs: 3
Earliest CVE date: 08 Aug 2017, 01:34 UTC
Latest CVE date: 22 May 2025, 14:16 UTC

Latest CVE reference: CVE-2023-47466

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical taglib CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 3.7

Max CVSS: 6.8

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	1
4.0-6.9	2
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS taglib CVEs

These are the five CVEs with the highest CVSS scores for taglib, sorted by severity first and recency.

CVE-2017-12678 taglib Published on 08 Aug 2017, 01:34 UTC (CVSS: 6.8)
In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.
CVE-2018-11439 taglib Published on 30 May 2018, 13:29 UTC (CVSS: 4.3)
The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
CVE-2023-47466 taglib Published on 22 May 2025, 14:16 UTC (CVSS: 0)
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

All CVEs for taglib

CVE-2023-47466 taglib vulnerability CVSS: 0 22 May 2025, 14:16 UTC

TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a crafted WAV file in which an id3 chunk is the only valid chunk.

CVE-2018-11439 taglib vulnerability CVSS: 4.3 30 May 2018, 13:29 UTC

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.

CVE-2017-12678 taglib vulnerability CVSS: 6.8 08 Aug 2017, 01:34 UTC

In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file.