Vulnerabilities for Aubio (...) - CXSECURITY.COM

Vulnerabilities for 'Aubio'

2019-07-22

CVE-2019-1010224

CWE-476

aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash (DoS). The component is: onset. The fixed version is: after commit e4e0861cffbc8d3a53dcd18f9ae85797690d67c7.

CVE-2019-1010223

CWE-119

aubio 0.4.8 and earlier is affected by: Buffer Overflow. The impact is: buffer overflow in strcpy. The component is: tempo. The fixed version is: after commit b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5.

CVE-2019-1010222

CWE-476

aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash. The component is: filterbank. The attack vector is: pass invalid arguments to new_aubio_filterbank. The fixed version is: after commit eda95c9c22b4f0b466ae94c4708765eaae6e709e.

2019-06-07

CVE-2018-19802

CWE-476

aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.

CVE-2018-19801

CWE-476

aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.

CVE-2018-19800

CWE-119

aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.

2018-07-23

CVE-2018-14523

CWE-125

An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.

CVE-2018-14522

CWE-119

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.

CVE-2018-14521

CWE-119

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.

2017-12-11

CVE-2017-17555

CWE-476

The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.

Copyright 2024, cxsecurity.com