PYSEC-2017-77

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/aubio/PYSEC-2017-77.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2017-77

Aliases

CVE-2017-17555

Published

2017-12-12T01:29:00Z

Modified

2023-11-08T03:59:14.586629Z

Summary

[none]

Details

The swriaudioconvert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.

References

https://github.com/IvanCql/vulnerability/blob/master/An%20NULL%20pointer%20dereference(DoS)%20Vulnerability%20was%20found%20in%20function%20swri_audio_convert%20of%20ffmpeg%20libswresample.md
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html

Affected packages

PyPI / aubio

Package

Name: aubio; View open source insights on deps.dev
Purl: pkg:pypi/aubio

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.7

Affected versions

0.*

0.4.3a1

0.4.3a2

0.4.3

0.4.3.post1

0.4.4

0.4.5

0.4.6