Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-13147 (GCVE-0-2019-13147)
Vulnerability from cvelistv5
Published
2019-07-01 00:00
Modified
2024-08-04 23:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:41:10.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"name": "[debian-lts-announce] 20231112 [SECURITY] [DLA 3650-1] audiofile security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-12T23:06:13.885652",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"name": "[debian-lts-announce] 20231112 [SECURITY] [DLA 3650-1] audiofile security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13147",
"datePublished": "2019-07-01T00:00:00",
"dateReserved": "2019-07-01T00:00:00",
"dateUpdated": "2024-08-04T23:41:10.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-13147\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-07-02T00:15:10.397\",\"lastModified\":\"2025-08-13T20:48:07.470\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.\"},{\"lang\":\"es\",\"value\":\"En Audio File Library (tambi\u00e9n se conoce como audiofile) versi\u00f3n 0.3.6, se presenta un error de desreferencia de puntero NULL en la funci\u00f3n ulaw2linear_buf en el archivo G711.cpp en la biblioteca libmodules.a que permite a un atacante causar una denegaci\u00f3n de servicio por medio de un archivo creado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C7E74B2-432B-4CCD-873F-AA7E012D8C7F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://github.com/mpruett/audiofile/issues/54\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://github.com/mpruett/audiofile/issues/54\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]}]}}"
}
}
fkie_cve-2019-13147
Vulnerability from fkie_nvd
Published
2019-07-02 00:15
Modified
2025-08-13 20:48
Severity ?
Summary
In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/mpruett/audiofile/issues/54 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mpruett/audiofile/issues/54 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html | Mailing List |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| audiofile | audiofile | 0.3.6 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7E74B2-432B-4CCD-873F-AA7E012D8C7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file."
},
{
"lang": "es",
"value": "En Audio File Library (tambi\u00e9n se conoce como audiofile) versi\u00f3n 0.3.6, se presenta un error de desreferencia de puntero NULL en la funci\u00f3n ulaw2linear_buf en el archivo G711.cpp en la biblioteca libmodules.a que permite a un atacante causar una denegaci\u00f3n de servicio por medio de un archivo creado."
}
],
"id": "CVE-2019-13147",
"lastModified": "2025-08-13T20:48:07.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-02T00:15:10.397",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2019-13147
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-13147",
"description": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.",
"id": "GSD-2019-13147",
"references": [
"https://www.suse.com/security/cve/CVE-2019-13147.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-13147"
],
"details": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.",
"id": "GSD-2019-13147",
"modified": "2023-12-13T01:23:41.310345Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mpruett/audiofile/issues/54",
"refsource": "MISC",
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"name": "[debian-lts-announce] 20231112 [SECURITY] [DLA 3650-1] audiofile security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:audio_file_library_project:audio_file_library:0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "47CD841B-F23D-41F5-B31D-51A7B377BA75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file."
},
{
"lang": "es",
"value": "En Audio File Library (tambi\u00e9n se conoce como audiofile) versi\u00f3n 0.3.6, se presenta un error de desreferencia de puntero NULL en la funci\u00f3n ulaw2linear_buf en el archivo G711.cpp en la biblioteca libmodules.a que permite a un atacante causar una denegaci\u00f3n de servicio por medio de un archivo creado."
}
],
"id": "CVE-2019-13147",
"lastModified": "2023-12-28T15:58:45.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-02T00:15:10.397",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
}
}
}
CERTFR-2024-AVI-0619
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | N/A | CF Deployment versions antérieures à 37.5.0 | ||
| VMware | N/A | VMware Tanzu Application Service for VMs versions 5.x antérieures à 5.0.8 | ||
| VMware | N/A | VMware Tanzu Application Service for VMs versions antérieures à 4.0.18+LTS-T | ||
| VMware | N/A | Isolation Segment versions 5.x antérieures à 5.0.8 | ||
| VMware | N/A | Isolation Segment versions antérieures à 4.0.18+LTS-T | ||
| VMware | N/A | Jammy Stemcells versions antérieures à 1.327 | ||
| VMware | N/A | Cflinuxfs4 versions antérieures à 1.69.0 | ||
| VMware | N/A | Operations Manager versions antérieures à 3.0.23+LTS-T |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CF Deployment versions ant\u00e9rieures \u00e0 37.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Application Service for VMs versions 5.x ant\u00e9rieures \u00e0 5.0.8",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Application Service for VMs versions ant\u00e9rieures \u00e0 4.0.18+LTS-T",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segment versions 5.x ant\u00e9rieures \u00e0 5.0.8",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segment versions ant\u00e9rieures \u00e0 4.0.18+LTS-T",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Jammy Stemcells versions ant\u00e9rieures \u00e0 1.327",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cflinuxfs4 versions ant\u00e9rieures \u00e0 1.69.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Operations Manager versions ant\u00e9rieures \u00e0 3.0.23+LTS-T",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-47008",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47008"
},
{
"name": "CVE-2023-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1544"
},
{
"name": "CVE-2023-40360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40360"
},
{
"name": "CVE-2022-47007",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47007"
},
{
"name": "CVE-2023-4135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4135"
},
{
"name": "CVE-2023-5868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
},
{
"name": "CVE-2022-4285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4285"
},
{
"name": "CVE-2023-3255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3255"
},
{
"name": "CVE-2021-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3611"
},
{
"name": "CVE-2022-44840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44840"
},
{
"name": "CVE-2021-46174",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46174"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2023-3180",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3180"
},
{
"name": "CVE-2022-35205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35205"
},
{
"name": "CVE-2023-5869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2020-14394",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14394"
},
{
"name": "CVE-2023-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22028"
},
{
"name": "CVE-2022-47015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47015"
},
{
"name": "CVE-2020-24165",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24165"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2020-19726",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19726"
},
{
"name": "CVE-2022-47010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47010"
},
{
"name": "CVE-2023-2861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2861"
},
{
"name": "CVE-2018-17095",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17095"
},
{
"name": "CVE-2021-3638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3638"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2023-3301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3301"
},
{
"name": "CVE-2023-3354",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3354"
},
{
"name": "CVE-2023-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22084"
},
{
"name": "CVE-2022-47011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47011"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2022-38533",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38533"
},
{
"name": "CVE-2022-45703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45703"
},
{
"name": "CVE-2023-5088",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5088"
},
{
"name": "CVE-2023-42467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42467"
}
],
"initial_release_date": "2024-07-24T00:00:00",
"last_revision_date": "2024-07-24T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0619",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24798",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24798"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24805",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24805"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24799",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24799"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24808",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24808"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24807",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24807"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24810",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24810"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24809",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24809"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24804",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24804"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24806",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24806"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 24795",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24795"
}
]
}
suse-su-2025:02283-1
Vulnerability from csaf_suse
Published
2025-07-11 08:35
Modified
2025-07-11 08:35
Summary
Security update for audiofile
Notes
Title of the patch
Security update for audiofile
Description of the patch
This update for audiofile fixes the following issues:
- CVE-2019-13147: Do not allow too many channel to prevent NULL pointer dereference (bsc#1140031).
- CVE-2022-24599: Clear buffer when allocating (bsc#1196487).
Patchnames
SUSE-2025-2283,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2283
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for audiofile",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for audiofile fixes the following issues:\n\n- CVE-2019-13147: Do not allow too many channel to prevent NULL pointer dereference (bsc#1140031).\n- CVE-2022-24599: Clear buffer when allocating (bsc#1196487).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2283,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2283",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02283-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02283-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502283-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02283-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040689.html"
},
{
"category": "self",
"summary": "SUSE Bug 1140031",
"url": "https://bugzilla.suse.com/1140031"
},
{
"category": "self",
"summary": "SUSE Bug 1196487",
"url": "https://bugzilla.suse.com/1196487"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13147 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-24599 page",
"url": "https://www.suse.com/security/cve/CVE-2022-24599/"
}
],
"title": "Security update for audiofile",
"tracking": {
"current_release_date": "2025-07-11T08:35:16Z",
"generator": {
"date": "2025-07-11T08:35:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02283-1",
"initial_release_date": "2025-07-11T08:35:16Z",
"revision_history": [
{
"date": "2025-07-11T08:35:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-11.10.1.aarch64",
"product": {
"name": "audiofile-0.3.6-11.10.1.aarch64",
"product_id": "audiofile-0.3.6-11.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-11.10.1.aarch64",
"product": {
"name": "audiofile-devel-0.3.6-11.10.1.aarch64",
"product_id": "audiofile-devel-0.3.6-11.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-11.10.1.aarch64",
"product": {
"name": "audiofile-doc-0.3.6-11.10.1.aarch64",
"product_id": "audiofile-doc-0.3.6-11.10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-11.10.1.aarch64",
"product": {
"name": "libaudiofile1-0.3.6-11.10.1.aarch64",
"product_id": "libaudiofile1-0.3.6-11.10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-devel-64bit-0.3.6-11.10.1.aarch64_ilp32",
"product": {
"name": "audiofile-devel-64bit-0.3.6-11.10.1.aarch64_ilp32",
"product_id": "audiofile-devel-64bit-0.3.6-11.10.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libaudiofile1-64bit-0.3.6-11.10.1.aarch64_ilp32",
"product": {
"name": "libaudiofile1-64bit-0.3.6-11.10.1.aarch64_ilp32",
"product_id": "libaudiofile1-64bit-0.3.6-11.10.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-11.10.1.i586",
"product": {
"name": "audiofile-0.3.6-11.10.1.i586",
"product_id": "audiofile-0.3.6-11.10.1.i586"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-11.10.1.i586",
"product": {
"name": "audiofile-devel-0.3.6-11.10.1.i586",
"product_id": "audiofile-devel-0.3.6-11.10.1.i586"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-11.10.1.i586",
"product": {
"name": "audiofile-doc-0.3.6-11.10.1.i586",
"product_id": "audiofile-doc-0.3.6-11.10.1.i586"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-11.10.1.i586",
"product": {
"name": "libaudiofile1-0.3.6-11.10.1.i586",
"product_id": "libaudiofile1-0.3.6-11.10.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-11.10.1.ppc64le",
"product": {
"name": "audiofile-0.3.6-11.10.1.ppc64le",
"product_id": "audiofile-0.3.6-11.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-11.10.1.ppc64le",
"product": {
"name": "audiofile-devel-0.3.6-11.10.1.ppc64le",
"product_id": "audiofile-devel-0.3.6-11.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-11.10.1.ppc64le",
"product": {
"name": "audiofile-doc-0.3.6-11.10.1.ppc64le",
"product_id": "audiofile-doc-0.3.6-11.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-11.10.1.ppc64le",
"product": {
"name": "libaudiofile1-0.3.6-11.10.1.ppc64le",
"product_id": "libaudiofile1-0.3.6-11.10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-11.10.1.s390",
"product": {
"name": "audiofile-0.3.6-11.10.1.s390",
"product_id": "audiofile-0.3.6-11.10.1.s390"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-11.10.1.s390",
"product": {
"name": "audiofile-devel-0.3.6-11.10.1.s390",
"product_id": "audiofile-devel-0.3.6-11.10.1.s390"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-11.10.1.s390",
"product": {
"name": "audiofile-doc-0.3.6-11.10.1.s390",
"product_id": "audiofile-doc-0.3.6-11.10.1.s390"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-11.10.1.s390",
"product": {
"name": "libaudiofile1-0.3.6-11.10.1.s390",
"product_id": "libaudiofile1-0.3.6-11.10.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-11.10.1.s390x",
"product": {
"name": "audiofile-0.3.6-11.10.1.s390x",
"product_id": "audiofile-0.3.6-11.10.1.s390x"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-11.10.1.s390x",
"product": {
"name": "audiofile-devel-0.3.6-11.10.1.s390x",
"product_id": "audiofile-devel-0.3.6-11.10.1.s390x"
}
},
{
"category": "product_version",
"name": "audiofile-devel-32bit-0.3.6-11.10.1.s390x",
"product": {
"name": "audiofile-devel-32bit-0.3.6-11.10.1.s390x",
"product_id": "audiofile-devel-32bit-0.3.6-11.10.1.s390x"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-11.10.1.s390x",
"product": {
"name": "audiofile-doc-0.3.6-11.10.1.s390x",
"product_id": "audiofile-doc-0.3.6-11.10.1.s390x"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-11.10.1.s390x",
"product": {
"name": "libaudiofile1-0.3.6-11.10.1.s390x",
"product_id": "libaudiofile1-0.3.6-11.10.1.s390x"
}
},
{
"category": "product_version",
"name": "libaudiofile1-32bit-0.3.6-11.10.1.s390x",
"product": {
"name": "libaudiofile1-32bit-0.3.6-11.10.1.s390x",
"product_id": "libaudiofile1-32bit-0.3.6-11.10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-11.10.1.x86_64",
"product": {
"name": "audiofile-0.3.6-11.10.1.x86_64",
"product_id": "audiofile-0.3.6-11.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-11.10.1.x86_64",
"product": {
"name": "audiofile-devel-0.3.6-11.10.1.x86_64",
"product_id": "audiofile-devel-0.3.6-11.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "audiofile-devel-32bit-0.3.6-11.10.1.x86_64",
"product": {
"name": "audiofile-devel-32bit-0.3.6-11.10.1.x86_64",
"product_id": "audiofile-devel-32bit-0.3.6-11.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-11.10.1.x86_64",
"product": {
"name": "audiofile-doc-0.3.6-11.10.1.x86_64",
"product_id": "audiofile-doc-0.3.6-11.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-11.10.1.x86_64",
"product": {
"name": "libaudiofile1-0.3.6-11.10.1.x86_64",
"product_id": "libaudiofile1-0.3.6-11.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libaudiofile1-32bit-0.3.6-11.10.1.x86_64",
"product": {
"name": "libaudiofile1-32bit-0.3.6-11.10.1.x86_64",
"product_id": "libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-0.3.6-11.10.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64"
},
"product_reference": "audiofile-0.3.6-11.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-devel-0.3.6-11.10.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64"
},
"product_reference": "audiofile-devel-0.3.6-11.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libaudiofile1-0.3.6-11.10.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64"
},
"product_reference": "libaudiofile1-0.3.6-11.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libaudiofile1-32bit-0.3.6-11.10.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
},
"product_reference": "libaudiofile1-32bit-0.3.6-11.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13147"
}
],
"notes": [
{
"category": "general",
"text": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13147",
"url": "https://www.suse.com/security/cve/CVE-2019-13147"
},
{
"category": "external",
"summary": "SUSE Bug 1140031 for CVE-2019-13147",
"url": "https://bugzilla.suse.com/1140031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T08:35:16Z",
"details": "low"
}
],
"title": "CVE-2019-13147"
},
{
"cve": "CVE-2022-24599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-24599"
}
],
"notes": [
{
"category": "general",
"text": "In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn\u0027t use zero bytes to truncate the data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-24599",
"url": "https://www.suse.com/security/cve/CVE-2022-24599"
},
{
"category": "external",
"summary": "SUSE Bug 1196487 for CVE-2022-24599",
"url": "https://bugzilla.suse.com/1196487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:audiofile-devel-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-0.3.6-11.10.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libaudiofile1-32bit-0.3.6-11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T08:35:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-24599"
}
]
}
ghsa-f72j-hf57-7h84
Vulnerability from github
Published
2022-05-24 16:49
Modified
2023-11-13 00:30
Severity ?
VLAI Severity ?
Details
In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.
{
"affected": [],
"aliases": [
"CVE-2019-13147"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-02T00:15:00Z",
"severity": "MODERATE"
},
"details": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.",
"id": "GHSA-f72j-hf57-7h84",
"modified": "2023-11-13T00:30:17Z",
"published": "2022-05-24T16:49:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13147"
},
{
"type": "WEB",
"url": "https://github.com/mpruett/audiofile/issues/54"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
opensuse-su-2025:15150-1
Vulnerability from csaf_opensuse
Published
2025-05-23 00:00
Modified
2025-05-23 00:00
Summary
audiofile-0.3.6-16.1 on GA media
Notes
Title of the patch
audiofile-0.3.6-16.1 on GA media
Description of the patch
These are all security issues fixed in the audiofile-0.3.6-16.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15150
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "audiofile-0.3.6-16.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the audiofile-0.3.6-16.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15150",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15150-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:15150-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3ZNMUKZNIFKGWTKGEVWOT432KS3HE5PB/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:15150-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3ZNMUKZNIFKGWTKGEVWOT432KS3HE5PB/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13147 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13147/"
}
],
"title": "audiofile-0.3.6-16.1 on GA media",
"tracking": {
"current_release_date": "2025-05-23T00:00:00Z",
"generator": {
"date": "2025-05-23T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15150-1",
"initial_release_date": "2025-05-23T00:00:00Z",
"revision_history": [
{
"date": "2025-05-23T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-16.1.aarch64",
"product": {
"name": "audiofile-0.3.6-16.1.aarch64",
"product_id": "audiofile-0.3.6-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-16.1.aarch64",
"product": {
"name": "audiofile-devel-0.3.6-16.1.aarch64",
"product_id": "audiofile-devel-0.3.6-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-16.1.aarch64",
"product": {
"name": "audiofile-doc-0.3.6-16.1.aarch64",
"product_id": "audiofile-doc-0.3.6-16.1.aarch64"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-16.1.aarch64",
"product": {
"name": "libaudiofile1-0.3.6-16.1.aarch64",
"product_id": "libaudiofile1-0.3.6-16.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-16.1.ppc64le",
"product": {
"name": "audiofile-0.3.6-16.1.ppc64le",
"product_id": "audiofile-0.3.6-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-16.1.ppc64le",
"product": {
"name": "audiofile-devel-0.3.6-16.1.ppc64le",
"product_id": "audiofile-devel-0.3.6-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-16.1.ppc64le",
"product": {
"name": "audiofile-doc-0.3.6-16.1.ppc64le",
"product_id": "audiofile-doc-0.3.6-16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-16.1.ppc64le",
"product": {
"name": "libaudiofile1-0.3.6-16.1.ppc64le",
"product_id": "libaudiofile1-0.3.6-16.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-16.1.s390x",
"product": {
"name": "audiofile-0.3.6-16.1.s390x",
"product_id": "audiofile-0.3.6-16.1.s390x"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-16.1.s390x",
"product": {
"name": "audiofile-devel-0.3.6-16.1.s390x",
"product_id": "audiofile-devel-0.3.6-16.1.s390x"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-16.1.s390x",
"product": {
"name": "audiofile-doc-0.3.6-16.1.s390x",
"product_id": "audiofile-doc-0.3.6-16.1.s390x"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-16.1.s390x",
"product": {
"name": "libaudiofile1-0.3.6-16.1.s390x",
"product_id": "libaudiofile1-0.3.6-16.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "audiofile-0.3.6-16.1.x86_64",
"product": {
"name": "audiofile-0.3.6-16.1.x86_64",
"product_id": "audiofile-0.3.6-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "audiofile-devel-0.3.6-16.1.x86_64",
"product": {
"name": "audiofile-devel-0.3.6-16.1.x86_64",
"product_id": "audiofile-devel-0.3.6-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "audiofile-doc-0.3.6-16.1.x86_64",
"product": {
"name": "audiofile-doc-0.3.6-16.1.x86_64",
"product_id": "audiofile-doc-0.3.6-16.1.x86_64"
}
},
{
"category": "product_version",
"name": "libaudiofile1-0.3.6-16.1.x86_64",
"product": {
"name": "libaudiofile1-0.3.6-16.1.x86_64",
"product_id": "libaudiofile1-0.3.6-16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-0.3.6-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-0.3.6-16.1.aarch64"
},
"product_reference": "audiofile-0.3.6-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-0.3.6-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-0.3.6-16.1.ppc64le"
},
"product_reference": "audiofile-0.3.6-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-0.3.6-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-0.3.6-16.1.s390x"
},
"product_reference": "audiofile-0.3.6-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-0.3.6-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-0.3.6-16.1.x86_64"
},
"product_reference": "audiofile-0.3.6-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-devel-0.3.6-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.aarch64"
},
"product_reference": "audiofile-devel-0.3.6-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-devel-0.3.6-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.ppc64le"
},
"product_reference": "audiofile-devel-0.3.6-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-devel-0.3.6-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.s390x"
},
"product_reference": "audiofile-devel-0.3.6-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-devel-0.3.6-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.x86_64"
},
"product_reference": "audiofile-devel-0.3.6-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-doc-0.3.6-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.aarch64"
},
"product_reference": "audiofile-doc-0.3.6-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-doc-0.3.6-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.ppc64le"
},
"product_reference": "audiofile-doc-0.3.6-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-doc-0.3.6-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.s390x"
},
"product_reference": "audiofile-doc-0.3.6-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "audiofile-doc-0.3.6-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.x86_64"
},
"product_reference": "audiofile-doc-0.3.6-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libaudiofile1-0.3.6-16.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.aarch64"
},
"product_reference": "libaudiofile1-0.3.6-16.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libaudiofile1-0.3.6-16.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.ppc64le"
},
"product_reference": "libaudiofile1-0.3.6-16.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libaudiofile1-0.3.6-16.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.s390x"
},
"product_reference": "libaudiofile1-0.3.6-16.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libaudiofile1-0.3.6-16.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.x86_64"
},
"product_reference": "libaudiofile1-0.3.6-16.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13147"
}
],
"notes": [
{
"category": "general",
"text": "In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13147",
"url": "https://www.suse.com/security/cve/CVE-2019-13147"
},
{
"category": "external",
"summary": "SUSE Bug 1140031 for CVE-2019-13147",
"url": "https://bugzilla.suse.com/1140031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-devel-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:audiofile-doc-0.3.6-16.1.x86_64",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.aarch64",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.ppc64le",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.s390x",
"openSUSE Tumbleweed:libaudiofile1-0.3.6-16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-23T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-13147"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…