汇总 audacityteam 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 缓冲区溢出与路径处理缺陷 等问题,部分漏洞可能导致 应用崩溃,并影响 软件部署与生产负载 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2020-11867 | Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there. | [email protected] | 3.3 | 0.47% | 2020-11-30 | 2026-06-16 |
| CVE-2016-2541 | Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file. | [email protected] | 5.5 | 1.18% | 2018-02-07 | 2026-06-16 |
| CVE-2016-2540 | Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure. | [email protected] | 5.5 | 1.92% | 2018-02-07 | 2026-06-16 |
| CVE-2017-1000010 | Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution. | [email protected] | 7.8 | 2.12% | 2017-07-17 | 2026-06-16 |
| CVE-2009-0490 | Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string. | [email protected] | 9.3 | 16.62% | 2009-02-09 | 2026-06-16 |
| CVE-2007-6061 | Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. NOTE: this issue can be leveraged to delete arbitrary files or directories via a symlink attack. | [email protected] | 5.0 | 3.41% | 2007-11-20 | 2026-06-16 |