aubio 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには バッファオーバーフロー and vendor risk memory corruption があり、vendor surface production workloads and vendor surface software deployment の利用場面で vendor impact memory corruption and アプリケーションクラッシュ などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2018-19802 | aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference. | [email protected] | 7.5 | 2.24% | 2019-06-07 | 2026-06-16 |
| CVE-2018-19801 | aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters. | [email protected] | 7.5 | 2.06% | 2019-06-07 | 2026-06-16 |
| CVE-2018-19800 | aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo. | [email protected] | 9.8 | 2.24% | 2019-06-07 | 2026-06-16 |
| CVE-2018-14523 | An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. | [email protected] | 8.8 | 1.97% | 2018-07-23 | 2026-06-16 |
| CVE-2018-14522 | An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. | [email protected] | 8.8 | 1.95% | 2018-07-23 | 2026-06-16 |
| CVE-2018-14521 | An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc. | [email protected] | 8.8 | 1.50% | 2018-07-23 | 2026-06-16 |
| CVE-2017-17555 | The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. | [email protected] | 6.5 | 1.05% | 2017-12-11 | 2026-06-16 |
| CVE-2017-17554 | A NULL pointer dereference (DoS) Vulnerability was found in the function aubio_source_avcodec_readframe in io/source_avcodec.c of aubio 0.4.6, which may lead to DoS when playing a crafted audio file. | [email protected] | 5.5 | 0.74% | 2017-12-11 | 2026-06-16 |
| CVE-2017-17054 | In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a crafted audio file. | [email protected] | 5.5 | 0.83% | 2017-11-29 | 2026-06-16 |