The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib version 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
aef2419e47ea6d4026994bdeff4c305d9c04fb5575c81572288b93ee7047ba9d