CVE-2025-71264

Name

CVE-2025-71264

Description

Mumble before 1.6.870 is prone to an out-of-bounds array access, which may result in denial of service (client crash).

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
cve@mitre.org	https://bugs.debian.org/1129178
cve@mitre.org	https://github.com/mumble-voip/mumble/commit/ff2a2332cccb267721553f09c0ded4de880622e0
cve@mitre.org	https://github.com/mumble-voip/mumble/pull/7032

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:mumble:mumble::::::::`	mumble	>= None	< 1.6.870

Source package	Branch	Version	Maintainer	Status
mumble	edge-community	1.5.857-r2	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.857-r1	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.857-r0	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.735-r5	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.735-r4	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.735-r3	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.735-r2	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.735-r1	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.735-r0	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.5.634-r0	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.4.287-r12	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable
mumble	edge-community	1.3.4-r0	None	possibly vulnerable
mumble	edge-community	1.2.19-r9	None	possibly vulnerable
mumble	3.23-community	1.5.857-r0	Patrycja Rosa <alpine@ptrcnull.me>	possibly vulnerable