{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35155?format=json","vulnerability_id":"VCID-t5xc-9bzf-5kas","summary":"A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.","aliases":[{"alias":"CVE-2017-17554"},{"alias":"PYSEC-2017-76"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10577?format=json","purl":"pkg:pypi/aubio@0.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-uavx-j693-b3bj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.7"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10570?format=json","purl":"pkg:pypi/aubio@0.4.3a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.3a1"},{"url":"http://public2.vulnerablecode.io/api/packages/10571?format=json","purl":"pkg:pypi/aubio@0.4.3a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.3a2"},{"url":"http://public2.vulnerablecode.io/api/packages/10572?format=json","purl":"pkg:pypi/aubio@0.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/10573?format=json","purl":"pkg:pypi/aubio@0.4.3.post1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.3.post1"},{"url":"http://public2.vulnerablecode.io/api/packages/10574?format=json","purl":"pkg:pypi/aubio@0.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/10575?format=json","purl":"pkg:pypi/aubio@0.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/10576?format=json","purl":"pkg:pypi/aubio@0.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vct-fzbc-27ep"},{"vulnerability":"VCID-3yb2-e9ke-auc4"},{"vulnerability":"VCID-4xqx-q5an-63df"},{"vulnerability":"VCID-7uwy-g2fv-xfc7"},{"vulnerability":"VCID-ecxp-5hv8-mbbd"},{"vulnerability":"VCID-eymz-cpuw-1kcb"},{"vulnerability":"VCID-t5xc-9bzf-5kas"},{"vulnerability":"VCID-uavx-j693-b3bj"},{"vulnerability":"VCID-zvqm-pym8-9ug8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/aubio@0.4.6"}],"references":[{"reference_url":"https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.md","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20%20aubio_source_avcodec_readframe%20of%20aubio.md"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17554","reference_id":"CVE-2017-17554","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17554"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":476,"name":"NULL Pointer Dereference","description":"A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5xc-9bzf-5kas"}