aubio
PyPI9 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting aubiopage 1 of 1
- CVE-2017-17054MEDIUMCVSS 5.5EG 5.5✓ Fixed in 0.4.72017-11-29
vulnerable: 0.4.3 ... 0.4.6 (7 versions)
In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file.
- CVE-2017-17554MEDIUMCVSS 5.5EG 5.5✓ Fixed in 0.4.72017-12-12
vulnerable: 0.4.3 ... 0.4.6 (7 versions)
A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file.
- CVE-2017-17555MEDIUMCVSS 6.5EG 6.5✓ Fixed in 0.4.72017-12-12
vulnerable: 0.4.3 ... 0.4.6 (7 versions)
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and applica…
- CVE-2018-14521HIGHCVSS 8.8EG 8.8✓ Fixed in 0.4.72018-07-23
vulnerable: 0.4.3 ... 0.4.6 (7 versions)
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.
- CVE-2018-14522HIGHCVSS 8.8EG 8.8✓ Fixed in 0.4.72018-07-23
vulnerable: 0.4.3 ... 0.4.6 (7 versions)
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
- CVE-2018-14523HIGHCVSS 8.8EG 8.8✓ Fixed in 0.4.72018-07-23
vulnerable: 0.4.3 ... 0.4.6 (7 versions)
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
- CVE-2018-19800CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.4.92019-06-07
vulnerable: 0.4.3 ... 0.4.8 (9 versions)
aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.
- CVE-2018-19801HIGHCVSS 7.5EG 7.5✓ Fixed in 0.4.92019-06-07
vulnerable: 0.4.3 ... 0.4.8 (9 versions)
aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.
- CVE-2018-19802HIGHCVSS 7.5EG 7.5✓ Fixed in 0.4.92019-06-07
vulnerable: 0.4.3 ... 0.4.8 (9 versions)
aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.
Check whether aubio is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for aubio CVEs against the assets you own.
Start Free Scan →