VulnerableCode Package Details - pkg:deb/debian/aubio@0.4.6-2

Search for packages

Vulnerability	Summary	Fixed by
VCID-7kh4-36ar-vqdc Aliases: CVE-2018-19802 GHSA-c6jq-h4jp-72pr PYSEC-2019-164	aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.	0.4.9-4 Affected by 0 other vulnerabilities.
VCID-bgwj-p1y1-mycb Aliases: CVE-2018-19800 GHSA-grmf-4fq6-2r79 PYSEC-2019-162	aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.	0.4.9-4 Affected by 0 other vulnerabilities.
VCID-k5dk-dngq-3ycy Aliases: CVE-2018-19801 GHSA-7vvr-h4p5-m7fh PYSEC-2019-163	aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.	0.4.9-4 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-7kh4-36ar-vqdc
Aliases:
CVE-2018-19802
GHSA-c6jq-h4jp-72pr
PYSEC-2019-164

aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.

0.4.9-4
Affected by 0 other vulnerabilities.

VCID-bgwj-p1y1-mycb
Aliases:
CVE-2018-19800
GHSA-grmf-4fq6-2r79
PYSEC-2019-162

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.

0.4.9-4
Affected by 0 other vulnerabilities.

VCID-k5dk-dngq-3ycy
Aliases:
CVE-2018-19801
GHSA-7vvr-h4p5-m7fh
PYSEC-2019-163

aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.

0.4.9-4
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-b3wr-n1xr-qqdc	In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.	CVE-2017-17054 GHSA-vcwx-8mqh-2557 PYSEC-2017-75
VCID-dzqc-z43a-x3ax	An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.	CVE-2018-14523 GHSA-3x58-8qmv-wqw5 PYSEC-2018-63
VCID-rjun-r6sr-dqfa	A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.	CVE-2017-17554 GHSA-45h5-cqqw-9rjw PYSEC-2017-76
VCID-tjwq-k1wm-ybdg	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.	CVE-2018-14521 GHSA-rcv6-7hmv-fj7h PYSEC-2018-61
VCID-w9yc-7p9j-pycd	The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.	CVE-2017-17555 PYSEC-2017-77
VCID-xbc2-r4ma-w7hs	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.	CVE-2018-14522 GHSA-g7g8-mx45-x4c8 PYSEC-2018-62

Vulnerability

Summary

Aliases

VCID-b3wr-n1xr-qqdc

In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.

CVE-2017-17054
GHSA-vcwx-8mqh-2557
PYSEC-2017-75

VCID-dzqc-z43a-x3ax

An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

CVE-2018-14523
GHSA-3x58-8qmv-wqw5
PYSEC-2018-63

VCID-rjun-r6sr-dqfa

A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.

CVE-2017-17554
GHSA-45h5-cqqw-9rjw
PYSEC-2017-76

VCID-tjwq-k1wm-ybdg

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.

CVE-2018-14521
GHSA-rcv6-7hmv-fj7h
PYSEC-2018-61

VCID-w9yc-7p9j-pycd

The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.

CVE-2017-17555
PYSEC-2017-77

VCID-xbc2-r4ma-w7hs

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.

CVE-2018-14522
GHSA-g7g8-mx45-x4c8
PYSEC-2018-62

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:09:16.628661+00:00	Debian Oval Importer	Fixing	VCID-rjun-r6sr-dqfa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:50:54.133471+00:00	Debian Oval Importer	Fixing	VCID-w9yc-7p9j-pycd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:22:44.548192+00:00	Debian Oval Importer	Affected by	VCID-7kh4-36ar-vqdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:30:05.253764+00:00	Debian Oval Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:21:48.245037+00:00	Debian Oval Importer	Affected by	VCID-bgwj-p1y1-mycb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-12T00:00:50.917543+00:00	Debian Oval Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:37:46.961690+00:00	Debian Oval Importer	Affected by	VCID-k5dk-dngq-3ycy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:55:42.934428+00:00	Debian Oval Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:55:30.204905+00:00	Debian Oval Importer	Fixing	VCID-dzqc-z43a-x3ax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:45:15.897187+00:00	Debian Oval Importer	Fixing	VCID-rjun-r6sr-dqfa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:29:24.373046+00:00	Debian Oval Importer	Fixing	VCID-w9yc-7p9j-pycd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:09:10.384226+00:00	Debian Oval Importer	Affected by	VCID-7kh4-36ar-vqdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-09T00:00:28.477862+00:00	Debian Oval Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:52:31.017530+00:00	Debian Oval Importer	Affected by	VCID-bgwj-p1y1-mycb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:32:18.690948+00:00	Debian Oval Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:10:20.948998+00:00	Debian Oval Importer	Affected by	VCID-k5dk-dngq-3ycy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:30:03.577427+00:00	Debian Oval Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:29:51.241731+00:00	Debian Oval Importer	Fixing	VCID-dzqc-z43a-x3ax	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:20:04.157109+00:00	Debian Oval Importer	Fixing	VCID-rjun-r6sr-dqfa	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:07:46.693503+00:00	Debian Oval Importer	Fixing	VCID-w9yc-7p9j-pycd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:58:16.688950+00:00	Debian Oval Importer	Affected by	VCID-7kh4-36ar-vqdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0