Upstream information
Description
NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 1257026 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Wed Jan 21 00:00:44 2026CVE page last modified: Wed Jan 21 13:48:58 2026