Search CVE reports
1 – 3 of 3 results
Multiple unbounded alloca() calls in the PulseAudio protocol server.
2 affected packages
pipewire, pulseaudio
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pipewire | Vulnerable | Vulnerable | Vulnerable | Not affected | — |
| pulseaudio | Not affected | Not affected | Not affected | Not affected | Not affected |
RAOP module accepts unbounded Content-Length values and does not check the pw_array_add() return.
1 affected package
pipewire
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pipewire | Vulnerable | Vulnerable | Not affected | Not affected | — |
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
2 affected packages
pipewire, wireplumber
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| pipewire | — | Not affected | Ignored | Not affected | Ignored |
| wireplumber | — | Not affected | Ignored | Not in release | Ignored |