The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file. https://nvd.nist.gov/vuln/detail/CVE-2017-11551