{"id":"CVE-2018-14523","details":"An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.","aliases":["GHSA-3x58-8qmv-wqw5","PYSEC-2018-63"],"modified":"2026-06-18T03:55:49.862135746Z","published":"2018-07-23T08:29:00.560Z","related":["openSUSE-SU-2018:2810-1","openSUSE-SU-2019:1049-1","openSUSE-SU-2019:1229-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_STRING","vendor_product":"opensuse:leap","extracted_events":[{"last_affected":"15.0"},{"last_affected":"42.3"}],"cpes":["cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"]},{"source":"CPE_STRING","vendor_product":"suse:linux_enterprise","extracted_events":[{"last_affected":"15.0"}],"cpes":["cpe:2.3:o:suse:linux_enterprise:15.0:*:*:*:*:*:*:*"]}]},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00071.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00031.html"},{"type":"EVIDENCE","url":"https://github.com/aubio/aubio/issues/189"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/aubio/aubio","events":[{"introduced":"0"},{"last_affected":"c6ae035aa79571f3c04640652e0020580e03c195"}],"database_specific":{"source":"CPE_STRING","extracted_events":[{"introduced":"0"},{"last_affected":"0.4.6"}],"cpe":"cpe:2.3:a:aubio:aubio:0.4.6:*:*:*:*:*:*:*"}}],"versions":["0.4.6","0.4.5","0.4.4","0.4.3","0.4.1","0.4.0-beta1","bzr2git"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14523.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}