VulnerableCode Package Details - pkg:deb/debian/audacity@1.3.12-6

Search for packages

Vulnerability	Summary	Fixed by
VCID-4e8r-fvv6-f7f2 Aliases: CVE-2016-2541	Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.	2.1.2-2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-nxc6-nv2g-17g6 Aliases: CVE-2016-2540	Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.	2.1.2-2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-veb9-7659-wfg7 Aliases: CVE-2020-11867	Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.	2.4.2~dfsg0-5 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-4e8r-fvv6-f7f2
Aliases:
CVE-2016-2541

Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.

2.1.2-2
Affected by 1 other vulnerability.

VCID-nxc6-nv2g-17g6
Aliases:
CVE-2016-2540

Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.

2.1.2-2
Affected by 1 other vulnerability.

VCID-veb9-7659-wfg7
Aliases:
CVE-2020-11867

Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.

2.4.2~dfsg0-5
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-c1k4-7mhy-73gp	A boundary error in Audacity allows for the execution of arbitrary code.	CVE-2009-0490

Vulnerability

Summary

Aliases

VCID-c1k4-7mhy-73gp

A boundary error in Audacity allows for the execution of arbitrary code.

CVE-2009-0490

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:40:08.658239+00:00	Debian Oval Importer	Affected by	VCID-nxc6-nv2g-17g6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:58:54.531695+00:00	Debian Oval Importer	Fixing	VCID-c1k4-7mhy-73gp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:51:23.548680+00:00	Debian Oval Importer	Affected by	VCID-4e8r-fvv6-f7f2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:28:06.217626+00:00	Debian Oval Importer	Affected by	VCID-veb9-7659-wfg7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:14:58.232235+00:00	Debian Oval Importer	Affected by	VCID-nxc6-nv2g-17g6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:35:12.766542+00:00	Debian Oval Importer	Fixing	VCID-c1k4-7mhy-73gp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:29:53.573468+00:00	Debian Oval Importer	Affected by	VCID-4e8r-fvv6-f7f2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:58:31.106020+00:00	Debian Oval Importer	Affected by	VCID-veb9-7659-wfg7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:48:30.489669+00:00	Debian Oval Importer	Affected by	VCID-nxc6-nv2g-17g6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:10:36.264720+00:00	Debian Oval Importer	Fixing	VCID-c1k4-7mhy-73gp	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:08:14.641701+00:00	Debian Oval Importer	Affected by	VCID-4e8r-fvv6-f7f2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0