This page aggregates publicly disclosed CVE and security risk information related to ardour, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-22617 | Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext. | [email protected] | 9.8 | 0.78% | 2021-10-08 | 2024-11-21 |
| CVE-2010-3349 | Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | [email protected] | 6.9 | 0.04% | 2010-10-20 | 2026-04-29 |