xiph CVE Vulnerabilities & Metrics

Focus on xiph vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About xiph Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with xiph. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

Global CVE Overview

Total xiph CVEs: 12
Earliest CVE date: 08 Mar 2007, 22:19 UTC
Latest CVE date: 02 Oct 2023, 21:15 UTC

Latest CVE reference: CVE-2023-43361

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): -100.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): -100.0%

CVSS Stats

Average CVSS: 4.79

Max CVSS: 9.3

Critical CVEs (≥9): 2

CVSS Range vs. Count

Range Count
0.0-3.9 2
4.0-6.9 11
7.0-8.9 0
9.0-10.0 2

Top 5 Highest CVSS xiph CVEs

These are the five CVEs with the highest CVSS scores for xiph, sorted by severity first, then by recency.

All CVEs for xiph

CVE-2023-43361 xiph vulnerability CVSS: 0 02 Oct 2023, 21:15 UTC

Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.

CVE-2022-47021 xiph vulnerability CVSS: 0 20 Jan 2023, 19:15 UTC

A null pointer dereference issue in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 through 0.12 allows attackers to cause denial of service or other unspecified impacts.

CVE-2020-23904 xiph vulnerability CVSS: 4.3 10 Nov 2021, 22:15 UTC

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program."

CVE-2020-23903 xiph vulnerability CVSS: 4.3 10 Nov 2021, 22:15 UTC

A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.

CVE-2018-18820 xiph vulnerability CVSS: 6.8 05 Nov 2018, 19:29 UTC

A buffer overflow was discovered in the URL-authentication backend of Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.

CVE-2017-11548 xiph vulnerability CVSS: 4.3 31 Jul 2017, 13:29 UTC

The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file.

CVE-2017-11331 xiph vulnerability CVSS: 4.3 31 Jul 2017, 13:29 UTC

The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.

CVE-2015-6749 xiph vulnerability CVSS: 4.3 21 Sep 2015, 19:59 UTC

Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.

CVE-2015-3026 xiph vulnerability CVSS: 5.0 29 Apr 2015, 20:59 UTC

Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "admin/killsource?mount=/test.ogg."

CVE-2014-9640 xiph vulnerability CVSS: 5.0 23 Jan 2015, 15:59 UTC

oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.

CVE-2014-9639 xiph vulnerability CVSS: 5.0 23 Jan 2015, 15:59 UTC

Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access.

CVE-2014-9638 xiph vulnerability CVSS: 5.0 23 Jan 2015, 15:59 UTC

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.

CVE-2011-4612 xiph vulnerability CVSS: 5.0 20 Nov 2012, 00:55 UTC

Icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error log (error.log) via a crafted URL.

CVE-2008-1686 xiph vulnerability CVSS: 9.3 08 Apr 2008, 18:05 UTC

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.

CVE-2007-1344 xiph vulnerability CVSS: 9.3 08 Mar 2007, 22:19 UTC

Multiple buffer overflows in src/ezstream.c in Ezstream before 0.3.0 allow remote attackers to execute arbitrary code via a crafted XML configuration file processed by the (1) urlParse function, which causes a stack-based overflow and the (2) ReplaceString function, which causes a heap-based overflow. NOTE: some of these details are obtained from third party information.