Your submission was sent successfully! Close

CVE-2022-24599

Published: 24 February 2022

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
audiofile
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

impish Ignored
(reached end-of-life)
jammy Needs triage

trusty Needs triage

upstream Needs triage

xenial Ignored
(out of standard support)