tinytag@2.2.0

Read audio file metadata

latest version

2.2.1

latest non vulnerable version

2.2.1

first published

11 years ago

latest version published

14 days ago

licenses detected

MIT
[1.0.0,)

View tinytag package health on Snyk (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the tinytag package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Infinite loop tinytag is a Read audio file metadata Affected versions of this package are vulnerable to Infinite loop via a non-terminating SYLT frame parsing loop. An attacker can cause the application to become unresponsive by supplying a specially crafted MP3 file containing a SYLT frame without a string terminator, leading to a non-terminating parsing loop. How to fix Infinite loop? Upgrade `tinytag` to version 2.2.1 or higher.	[2.2.0,2.2.1)

Infinite loop

tinytag is a Read audio file metadata

Affected versions of this package are vulnerable to Infinite loop via a non-terminating SYLT frame parsing loop. An attacker can cause the application to become unresponsive by supplying a specially crafted MP3 file containing a SYLT frame without a string terminator, leading to a non-terminating parsing loop.

How to fix Infinite loop?

Upgrade tinytag to version 2.2.1 or higher.

[2.2.0,2.2.1)

Go back to all versions of this package