{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2019-8356","title":"Title"},{"category":"description","text":"An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2019-8356","url":"https://www.suse.com/security/cve/CVE-2019-8356"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1125802 for CVE-2019-8356","url":"https://bugzilla.suse.com/1125802"}],"title":"SUSE CVE CVE-2019-8356","tracking":{"current_release_date":"2025-02-17T07:54:29Z","generator":{"date":"2023-02-15T04:15:46Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2019-8356","initial_release_date":"2023-02-15T04:15:46Z","revision_history":[{"date":"2023-02-15T04:15:46Z","number":"2","summary":"Current version"},{"date":"2025-01-01T06:48:01Z","number":"3","summary":"Current version"},{"date":"2025-02-15T07:29:08Z","number":"4","summary":"Current version"},{"date":"2025-02-17T07:54:29Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}