PyPI package
aubio
pkg:pypi/aubio
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-19800 | — | >= 0.4.0, < 0.4.9 | 0.4.9 | Jun 7, 2019 | aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo. | ||
| CVE-2018-19801 | — | >= 0.4.0, < 0.4.9 | 0.4.9 | Jun 7, 2019 | aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters. | ||
| CVE-2018-19802 | — | >= 0.4.0, < 0.4.9 | 0.4.9 | Jun 7, 2019 | aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference. | ||
| CVE-2018-14523 | — | < 0.4.7 | 0.4.7 | Jul 23, 2018 | An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. | ||
| CVE-2018-14522 | — | < 0.4.7 | 0.4.7 | Jul 23, 2018 | An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. | ||
| CVE-2018-14521 | — | < 0.4.7 | 0.4.7 | Jul 23, 2018 | An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc. | ||
| CVE-2017-17554 | Med | 5.5 | < 0.4.7 | 0.4.7 | Dec 12, 2017 | A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file. | |
| CVE-2017-17054 | Med | 5.5 | < 0.4.7 | 0.4.7 | Nov 29, 2017 | In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file. |
- CVE-2018-19800Jun 7, 2019affected >= 0.4.0, < 0.4.9fixed 0.4.9
aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.
- CVE-2018-19801Jun 7, 2019affected >= 0.4.0, < 0.4.9fixed 0.4.9
aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.
- CVE-2018-19802Jun 7, 2019affected >= 0.4.0, < 0.4.9fixed 0.4.9
aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.
- CVE-2018-14523Jul 23, 2018affected < 0.4.7fixed 0.4.7
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
- CVE-2018-14522Jul 23, 2018affected < 0.4.7fixed 0.4.7
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
- CVE-2018-14521Jul 23, 2018affected < 0.4.7fixed 0.4.7
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.
- affected < 0.4.7fixed 0.4.7
A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.
- affected < 0.4.7fixed 0.4.7
In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.