VulnerableCode Package Details - pkg:deb/debian/aubio@0.4.9-4?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-7kh4-36ar-vqdc	aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.	CVE-2018-19802 GHSA-c6jq-h4jp-72pr PYSEC-2019-164
VCID-b3wr-n1xr-qqdc	In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.	CVE-2017-17054 GHSA-vcwx-8mqh-2557 PYSEC-2017-75
VCID-bgwj-p1y1-mycb	aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.	CVE-2018-19800 GHSA-grmf-4fq6-2r79 PYSEC-2019-162
VCID-dzqc-z43a-x3ax	An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.	CVE-2018-14523 GHSA-3x58-8qmv-wqw5 PYSEC-2018-63
VCID-k5dk-dngq-3ycy	aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.	CVE-2018-19801 GHSA-7vvr-h4p5-m7fh PYSEC-2019-163
VCID-rjun-r6sr-dqfa	A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.	CVE-2017-17554 GHSA-45h5-cqqw-9rjw PYSEC-2017-76
VCID-tjwq-k1wm-ybdg	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.	CVE-2018-14521 GHSA-rcv6-7hmv-fj7h PYSEC-2018-61
VCID-w9yc-7p9j-pycd	The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.	CVE-2017-17555 PYSEC-2017-77
VCID-xbc2-r4ma-w7hs	An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.	CVE-2018-14522 GHSA-g7g8-mx45-x4c8 PYSEC-2018-62

Vulnerability

Summary

Aliases

VCID-7kh4-36ar-vqdc

aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.

CVE-2018-19802
GHSA-c6jq-h4jp-72pr
PYSEC-2019-164

VCID-b3wr-n1xr-qqdc

In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.

CVE-2017-17054
GHSA-vcwx-8mqh-2557
PYSEC-2017-75

VCID-bgwj-p1y1-mycb

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.

CVE-2018-19800
GHSA-grmf-4fq6-2r79
PYSEC-2019-162

VCID-dzqc-z43a-x3ax

An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

CVE-2018-14523
GHSA-3x58-8qmv-wqw5
PYSEC-2018-63

VCID-k5dk-dngq-3ycy

aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.

CVE-2018-19801
GHSA-7vvr-h4p5-m7fh
PYSEC-2019-163

VCID-rjun-r6sr-dqfa

A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.

CVE-2017-17554
GHSA-45h5-cqqw-9rjw
PYSEC-2017-76

VCID-tjwq-k1wm-ybdg

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.

CVE-2018-14521
GHSA-rcv6-7hmv-fj7h
PYSEC-2018-61

VCID-w9yc-7p9j-pycd

The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.

CVE-2017-17555
PYSEC-2017-77

VCID-xbc2-r4ma-w7hs

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.

CVE-2018-14522
GHSA-g7g8-mx45-x4c8
PYSEC-2018-62

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:26:46.026307+00:00	Debian Importer	Fixing	VCID-rjun-r6sr-dqfa	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T13:01:45.458970+00:00	Debian Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:35:48.382194+00:00	Debian Importer	Fixing	VCID-dzqc-z43a-x3ax	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:11:13.892741+00:00	Debian Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:10:53.643705+00:00	Debian Importer	Fixing	VCID-bgwj-p1y1-mycb	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:02:25.989491+00:00	Debian Importer	Fixing	VCID-w9yc-7p9j-pycd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:18:56.115032+00:00	Debian Importer	Fixing	VCID-7kh4-36ar-vqdc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:14:47.638253+00:00	Debian Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:37:31.983545+00:00	Debian Importer	Fixing	VCID-k5dk-dngq-3ycy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:16:36.334797+00:00	Debian Importer	Fixing	VCID-rjun-r6sr-dqfa	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:57:19.327386+00:00	Debian Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:37:43.683696+00:00	Debian Importer	Fixing	VCID-dzqc-z43a-x3ax	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:20:08.624799+00:00	Debian Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:19:54.940606+00:00	Debian Importer	Fixing	VCID-bgwj-p1y1-mycb	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:29:43.625854+00:00	Debian Importer	Fixing	VCID-w9yc-7p9j-pycd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:56:35.755284+00:00	Debian Importer	Fixing	VCID-7kh4-36ar-vqdc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:10:59.434908+00:00	Debian Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:48:03.960792+00:00	Debian Importer	Fixing	VCID-k5dk-dngq-3ycy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:18:35.234091+00:00	Debian Importer	Fixing	VCID-rjun-r6sr-dqfa	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:17:03.877340+00:00	Debian Importer	Fixing	VCID-tjwq-k1wm-ybdg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:15:30.741220+00:00	Debian Importer	Fixing	VCID-dzqc-z43a-x3ax	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:14:02.573306+00:00	Debian Importer	Fixing	VCID-b3wr-n1xr-qqdc	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:14:01.275613+00:00	Debian Importer	Fixing	VCID-bgwj-p1y1-mycb	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:10:10.671573+00:00	Debian Importer	Fixing	VCID-w9yc-7p9j-pycd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:07:44.205883+00:00	Debian Importer	Fixing	VCID-7kh4-36ar-vqdc	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:04:21.447532+00:00	Debian Importer	Fixing	VCID-xbc2-r4ma-w7hs	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:02:10.237486+00:00	Debian Importer	Fixing	VCID-k5dk-dngq-3ycy	https://security-tracker.debian.org/tracker/data/json	38.1.0