Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-24599

Опубликовано: 24 фев. 2022
Источник: ubuntu
Приоритет: low
CVSS2: 4.3
CVSS3: 6.5

Описание

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

0.3.6-6
esm-apps/bionic

released

0.3.6-4ubuntu0.1~esm1
esm-apps/focal

released

0.3.6-5+deb10u1build0.20.04.1
esm-apps/jammy

released

0.3.6-5+deb10u1build0.22.04.1
esm-apps/xenial

released

0.3.6-2ubuntu0.16.04.1+esm1
esm-infra-legacy/trusty

released

0.3.6-2ubuntu0.14.04.3+esm1
focal

released

0.3.6-5+deb10u1build0.20.04.1
impish

ignored

end of life
jammy

released

0.3.6-5+deb10u1build0.22.04.1

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-24599

CVSS3: 6.5
redhat
почти 4 года назад

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.

nvd логотип

CVE-2022-24599

CVSS3: 6.5
nvd
почти 4 года назад

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.

debian логотип

CVE-2022-24599

CVSS3: 6.5
debian
почти 4 года назад

In autofile Audio File Library 0.3.6, there exists one memory leak vul ...

github логотип

GHSA-9hgh-v7v7-5f66

CVSS3: 6.5
github
почти 4 года назад

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.

suse-cvrf логотип

SUSE-SU-2025:1559-1

suse-cvrf
9 месяцев назад

Security update for audiofile

4.3 Medium

CVSS2

6.5 Medium

CVSS3