First published: Fri Oct 08 2021(Updated: )
Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ardour Ardour | =5.12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-22617.
The severity of CVE-2020-22617 is critical with a CVSS score of 9.8.
The affected software for CVE-2020-22617 is Ardour version 5.12.
More information about CVE-2020-22617 can be found at the following references: [GitHub](https://github.com/Ardour/ardour/commit/96daa4036a) and [Ardour Tracker](https://tracker.ardour.org/view.php?id=7926).
The CWE ID for this vulnerability is CWE-416.