Search for packages
Package details: pkg:deb/debian/audacity@1.3.5-2%2Blenny1
purl pkg:deb/debian/audacity@1.3.5-2%2Blenny1
Next non-vulnerable version 2.4.2~dfsg0-5
Latest non-vulnerable version 2.4.2~dfsg0-5
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-596q-e9aj-aaaj
Aliases:
CVE-2016-2541
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.
2.1.2-2
Affected by 1 other vulnerability.
VCID-9bcg-1va8-aaaq
Aliases:
CVE-2009-0490
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.
1.3.12-6
Affected by 3 other vulnerabilities.
VCID-cju4-naeb-aaac
Aliases:
CVE-2016-2540
Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.
2.1.2-2
Affected by 1 other vulnerability.
VCID-zc3j-zz4h-aaak
Aliases:
CVE-2020-11867
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.
2.4.2~dfsg0-5
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-8dyd-depr-aaam The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720. CVE-2009-3560
VCID-c7e7-cdc7-aaam The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. CVE-2009-3720
VCID-vs1q-ebdv-aaae Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack. CVE-2007-6061

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:42:19.609479+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:19:34.607546+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:11:03.535574+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:19:57.765266+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:55:56.332734+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:45:14.479031+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:22:24.324218+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T02:38:59.073624+00:00 Debian Oval Importer Affected by VCID-zc3j-zz4h-aaak None 36.1.3
2025-06-21T00:42:50.737207+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq None 36.1.3
2025-06-21T00:13:33.734731+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam None 36.1.3
2025-06-20T23:07:44.401415+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae None 36.1.3
2025-06-20T22:52:45.040477+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam None 36.1.3
2025-06-20T21:58:24.450606+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac None 36.1.3
2025-06-20T21:18:19.725798+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj None 36.1.3
2025-06-08T12:42:03.853357+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:12:23.301373+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:00:40.753537+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:04:46.748394+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:14:30.985075+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:50:55.032304+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:40:33.992467+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:24:36.224980+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T20:03:45.828413+00:00 Debian Oval Importer Affected by VCID-zc3j-zz4h-aaak None 36.1.0
2025-06-07T18:05:25.345431+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq None 36.1.0
2025-06-07T17:36:23.821973+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam None 36.1.0
2025-06-07T16:30:53.821140+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae None 36.1.0
2025-06-07T16:16:04.980175+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam None 36.1.0
2025-06-07T15:21:52.049390+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac None 36.1.0
2025-06-07T14:42:06.977227+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj None 36.1.0
2025-04-12T22:31:07.870150+00:00 Debian Oval Importer Affected by VCID-zc3j-zz4h-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:43:40.936147+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T21:17:31.278803+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T20:34:53.532200+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:47:15.790760+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:28:50.779775+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:55:59.566013+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:32:57.194927+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:36:52.280741+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:46:42.278676+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:22:43.311253+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:12:14.914082+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:55:43.419632+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T18:41:11.405472+00:00 Debian Oval Importer Affected by VCID-zc3j-zz4h-aaak None 36.0.0
2025-04-07T16:42:32.150567+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq None 36.0.0
2025-04-07T16:11:06.677331+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam None 36.0.0
2025-04-07T15:02:53.752377+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae None 36.0.0
2025-04-07T14:47:35.539550+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam None 36.0.0
2025-04-07T13:53:15.518140+00:00 Debian Oval Importer Affected by VCID-cju4-naeb-aaac None 36.0.0
2025-04-07T13:14:07.419190+00:00 Debian Oval Importer Affected by VCID-596q-e9aj-aaaj None 36.0.0
2024-11-27T09:26:11.585773+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T08:15:19.084630+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T00:51:01.644464+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T09:42:49.709947+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T05:02:56.824130+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T04:13:05.983519+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T23:07:44.484321+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T13:04:43.333674+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T20:29:47.006586+00:00 Debian Oval Importer Fixing VCID-c7e7-cdc7-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T20:12:00.661710+00:00 Debian Oval Importer Fixing VCID-8dyd-depr-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T18:19:53.855278+00:00 Debian Oval Importer Affected by VCID-9bcg-1va8-aaaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T15:02:54.888691+00:00 Debian Oval Importer Fixing VCID-vs1q-ebdv-aaae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1