VDB
GCVE-110-MAGEIA-2014-245
GCVE-110-MAGEIA-2014-245
Advisory Published
Updated mumble packages fix security vulnerabilities:
In Mumble before 1.2.6, the Mumble client is vulnerable to a Denial of
Service attack when rendering crafted SVG files that contain references to
files on the local computer, due to an issue in Qt's SVG renderer module.
This issue can be triggered remotely by an entity participating in a Mumble
voice chat, using text messages, channel comments, user comments and user
textures/avatars (CVE-2014-3755).
In Mumble before 1.2.6, The Mumble client did not properly HTML-escape some
external strings before using them in a rich-text (HTML) context. In some
situations, this could be abused to perform a Denial of Service attack on a
Mumble client by causing it to load external files via the HTML
(CVE-2014-3756).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mumble | 0 (affected), 1.2.3-10.1.mga3 (unaffected) | — |
| Mageia | mumble | 0 (affected), 1.2.3-14.1.mga4 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.