← Back

Ardour

ardour

Vendor: Ardour • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-22617
1Ardour
1Ardour
Nov 21, 2024
Oct 8, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.
CVE-2010-3349
1Ardour
1Ardour
Apr 29, 2026
Oct 20, 2010
N/A· v4
N/A· v3
6.9 MEDIUM· v2
Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.