Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/audacity@1.2.4b-2.1
purl pkg:deb/debian/audacity@1.2.4b-2.1
Next non-vulnerable version 2.4.2~dfsg0-5
Latest non-vulnerable version 2.4.2~dfsg0-5
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-2u5b-cbtr-xqa1
Aliases:
CVE-2007-6061
Audacity uses temporary files in an insecure manner, allowing for a symlink attack.
1.3.5-2+lenny1
Affected by 4 other vulnerabilities.
VCID-4e8r-fvv6-f7f2
Aliases:
CVE-2016-2541
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
2.1.2-2
Affected by 1 other vulnerability.
VCID-4zzy-q5zp-jkgm
Aliases:
CVE-2009-3720
A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.
1.3.5-2+lenny1
Affected by 4 other vulnerabilities.
VCID-c1k4-7mhy-73gp
Aliases:
CVE-2009-0490
A boundary error in Audacity allows for the execution of arbitrary code.
1.3.12-6
Affected by 3 other vulnerabilities.
VCID-nxc6-nv2g-17g6
Aliases:
CVE-2016-2540
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
2.1.2-2
Affected by 1 other vulnerability.
VCID-qtav-hqnd-b7fa
Aliases:
CVE-2009-3560
A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.
1.3.5-2+lenny1
Affected by 4 other vulnerabilities.
VCID-veb9-7659-wfg7
Aliases:
CVE-2020-11867
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
2.4.2~dfsg0-5
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:55:46.033494+00:00 Debian Oval Importer Affected by VCID-veb9-7659-wfg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:40:08.650905+00:00 Debian Oval Importer Affected by VCID-nxc6-nv2g-17g6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:58:54.523844+00:00 Debian Oval Importer Affected by VCID-c1k4-7mhy-73gp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:51:23.542191+00:00 Debian Oval Importer Affected by VCID-4e8r-fvv6-f7f2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:37:30.179024+00:00 Debian Oval Importer Affected by VCID-2u5b-cbtr-xqa1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:35:22.255041+00:00 Debian Oval Importer Affected by VCID-4zzy-q5zp-jkgm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:10:54.290370+00:00 Debian Oval Importer Affected by VCID-qtav-hqnd-b7fa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-12T00:28:06.209384+00:00 Debian Oval Importer Affected by VCID-veb9-7659-wfg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:14:58.224685+00:00 Debian Oval Importer Affected by VCID-nxc6-nv2g-17g6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:35:12.759049+00:00 Debian Oval Importer Affected by VCID-c1k4-7mhy-73gp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:29:53.554036+00:00 Debian Oval Importer Affected by VCID-4e8r-fvv6-f7f2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:18:39.903757+00:00 Debian Oval Importer Affected by VCID-2u5b-cbtr-xqa1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:20:00.947339+00:00 Debian Oval Importer Affected by VCID-4zzy-q5zp-jkgm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:58:21.261267+00:00 Debian Oval Importer Affected by VCID-qtav-hqnd-b7fa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:58:31.097407+00:00 Debian Oval Importer Affected by VCID-veb9-7659-wfg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:48:30.481071+00:00 Debian Oval Importer Affected by VCID-nxc6-nv2g-17g6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:10:36.256363+00:00 Debian Oval Importer Affected by VCID-c1k4-7mhy-73gp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:08:14.626598+00:00 Debian Oval Importer Affected by VCID-4e8r-fvv6-f7f2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:59:30.202237+00:00 Debian Oval Importer Affected by VCID-2u5b-cbtr-xqa1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:06:05.437792+00:00 Debian Oval Importer Affected by VCID-4zzy-q5zp-jkgm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:51:27.958502+00:00 Debian Oval Importer Affected by VCID-qtav-hqnd-b7fa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0