CNNVD-202510-3804 Information

CNNVD ID

CNNVD-202510-3804

Related CVE

CVE-2025-61043

• CNNVD Published: 2025-10-28

Description (Chinese)

Monkeys Audio是Monkeys Audio开源的一种无损音频压缩编解码器。 Monkeys Audio 11.31版本存在安全漏洞，该漏洞源于CAPECharacterHelper::GetUTF16FromUTF8函数对UTF-8字符串长度处理不当，可能导致越界读取、崩溃或敏感数据泄露。

Description (English)

Monkeys Audio is a non-lost audio-pressure reduction decoder from Monkeys Audio open source. The security gap in the Monkeys Audio 11.31 version stems from the inappropriate handling of the UTF-8 string lengths in the CAPECharacterHelper: GetUTF16FormUTF8 function, which may result in cross-border reading, collapse or disclosure of sensitive data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Monkeys Audio

Published

2025-10-28

Last Modified

2026-02-24

References

https://tzh00203.notion.site/Monkey-s-Audio-Out-of-Bounds-Read-Vulnerability-Report-version-11-31-249b5c52018a80739852d0d9660994c9?source=copy_link

Patch

https://www.monkeysaudio.com/download.html