VulnerableCode Package Details - pkg:deb/debian/aubio@0.4.6-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-b3wr-n1xr-qqdc	In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.	CVE-2017-17054 GHSA-vcwx-8mqh-2557 PYSEC-2017-75
VCID-dzqc-z43a-x3ax	An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.	CVE-2018-14523 GHSA-3x58-8qmv-wqw5 PYSEC-2018-63
VCID-rjun-r6sr-dqfa	A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.	CVE-2017-17554 GHSA-45h5-cqqw-9rjw PYSEC-2017-76
VCID-tjwq-k1wm-ybdg	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.	CVE-2018-14521 GHSA-rcv6-7hmv-fj7h PYSEC-2018-61
VCID-w9yc-7p9j-pycd	The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.	CVE-2017-17555 PYSEC-2017-77
VCID-xbc2-r4ma-w7hs	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.	CVE-2018-14522 GHSA-g7g8-mx45-x4c8 PYSEC-2018-62

Vulnerability

Summary

Aliases

VCID-b3wr-n1xr-qqdc

In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.

CVE-2017-17054
GHSA-vcwx-8mqh-2557
PYSEC-2017-75

VCID-dzqc-z43a-x3ax

An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

CVE-2018-14523
GHSA-3x58-8qmv-wqw5
PYSEC-2018-63

VCID-rjun-r6sr-dqfa

A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.

CVE-2017-17554
GHSA-45h5-cqqw-9rjw
PYSEC-2017-76

VCID-tjwq-k1wm-ybdg

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.

CVE-2018-14521
GHSA-rcv6-7hmv-fj7h
PYSEC-2018-61

VCID-w9yc-7p9j-pycd

The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.

CVE-2017-17555
PYSEC-2017-77

VCID-xbc2-r4ma-w7hs

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.

CVE-2018-14522
GHSA-g7g8-mx45-x4c8
PYSEC-2018-62

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:26:46.019326+00:00	Debian Importer	Fixing	VCID-rjun-r6sr-dqfa	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T13:01:45.452890+00:00	Debian Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:35:48.375978+00:00	Debian Importer	Fixing	VCID-dzqc-z43a-x3ax	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:11:13.886240+00:00	Debian Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:02:25.982356+00:00	Debian Importer	Fixing	VCID-w9yc-7p9j-pycd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:14:47.631198+00:00	Debian Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:16:36.327803+00:00	Debian Importer	Fixing	VCID-rjun-r6sr-dqfa	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:57:19.320526+00:00	Debian Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:37:43.676666+00:00	Debian Importer	Fixing	VCID-dzqc-z43a-x3ax	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:20:08.617769+00:00	Debian Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:29:43.619474+00:00	Debian Importer	Fixing	VCID-w9yc-7p9j-pycd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:10:59.428287+00:00	Debian Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:18:35.227386+00:00	Debian Importer	Fixing	VCID-rjun-r6sr-dqfa	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:17:03.871060+00:00	Debian Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:15:30.734604+00:00	Debian Importer	Fixing	VCID-dzqc-z43a-x3ax	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:14:02.566777+00:00	Debian Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:10:10.665228+00:00	Debian Importer	Fixing	VCID-w9yc-7p9j-pycd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:04:21.441620+00:00	Debian Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://security-tracker.debian.org/tracker/data/json	38.1.0