{"id":"CVE-2022-24599","details":"In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring function to get data, however, it dosn't use zero bytes to truncate the data.","modified":"2026-05-01T04:10:12.193260Z","published":"2022-02-22T00:00:00Z","related":["SUSE-SU-2025:01559-1","SUSE-SU-2025:02283-1","SUSE-SU-2025:1559-1","openSUSE-SU-2025:15050-1"],"database_specific":{"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24599.json"},"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24599.json"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4JXZ6QAMA3TSRY6GUZRY3WTHR7P5TPH/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTETOUJNRR75REYJZTBGF6TAJZYTMXUY/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZPG27YKICLIWUFOPVUOAFAZGOX4BNHY/"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24599"},{"type":"REPORT","url":"https://github.com/mpruett/audiofile/issues/60"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00006.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mpruett/audiofile","events":[{"introduced":"0"},{"last_affected":"d19a5ace5ae891c778cbc710d78634de6084b846"}],"database_specific":{"cpe":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"0.3.6"}],"source":"CPE_FIELD"}}],"versions":["audiofile-0.2.1","audiofile-0.2.2","audiofile-0.2.3","audiofile-0.2.4","audiofile-0.2.5","audiofile-0.2.6","audiofile-0.2.7","audiofile-0.3.0","audiofile-0.3.1","audiofile-0.3.2","audiofile-0.3.3","audiofile-0.3.4","audiofile-0.3.5","audiofile-0.3.6"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-24599.json"}}],"schema_version":"1.7.5"}