Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
purl pkg:deb/debian/csound@1:5.17.6~dfsg-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-p73c-788f-nbe2 Stack-based buffer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file. CVE-2012-2108
VCID-wvkp-ava8-wybw Integer overflow in the pv_import function in util/pv_import.c in Csound 5.16.6, when converting a file, allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow. CVE-2012-2106
VCID-wwdj-c8rz-1udb Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow. CVE-2012-2107

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-29T16:52:05.524128+00:00 Debian Importer Fixing VCID-p73c-788f-nbe2 https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-29T16:52:05.497454+00:00 Debian Importer Fixing VCID-wwdj-c8rz-1udb https://security-tracker.debian.org/tracker/data/json 38.6.0
2026-05-29T16:52:05.470093+00:00 Debian Importer Fixing VCID-wvkp-ava8-wybw https://security-tracker.debian.org/tracker/data/json 38.6.0